Visual Studio 2022 version 17.6 Release Notes
Tip
Coming soon: Get early access to the latest AI driven features with GitHub Copilot for Visual Studio. Dive into comprehensive code interpretations, generate unit tests, and discover solutions to fix bugs. Sign up!
Tip
Watch the recordings of the Visual Studio 2022 launch event to learn about what's new, hear tips & tricks, and download free digital swag.
Developer Community | Visual Studio 2022 Roadmap | System Requirements | Compatibility | Distributable Code | Release History | License Terms | Blogs | Latest Release Known Issues | Whats New in Visual Studio Docs
Click a button to download the latest version of Visual Studio 2022. For instructions on installing and updating Visual Studio 2022, see Update Visual Studio 2022 to the most recent release. Also, see instructions on how to install offline.
Visit the Visual Studio site to download other Visual Studio 2022 products.
Visual Studio 2022 version 17.6 Releases
- November 12th, 2024 — Visual Studio 2022 version 17.6.21
- October 8th, 2024 — Visual Studio 2022 version 17.6.20
- September 10th, 2024 — Visual Studio 2022 version 17.6.19
- August 13th, 2024 — Visual Studio 2022 version 17.6.18
- July 9th, 2024 — Visual Studio 2022 version 17.6.17
- June 11th, 2024 — Visual Studio 2022 version 17.6.16
- May 14th, 2024 — Visual Studio 2022 version 17.6.15
- Apr 9th, 2024 — Visual Studio 2022 version 17.6.14
- Mar 12th, 2024 — Visual Studio 2022 version 17.6.13
- Feb 13th, 2024 — Visual Studio 2022 version 17.6.12
- Jan 9th, 2024 — Visual Studio 2022 version 17.6.11
- Nov 14th, 2023 — Visual Studio 2022 version 17.6.10
- Oct 24th, 2023 — Visual Studio 2022 version 17.6.9
- Oct 10th, 2023 — Visual Studio 2022 version 17.6.8
- Sep 12th, 2023 — Visual Studio 2022 version 17.6.7
- Aug 8th, 2023 — Visual Studio 2022 version 17.6.6
- July 11th, 2023 — Visual Studio 2022 version 17.6.5
- June 20, 2023 — Visual Studio 2022 version 17.6.4
- June 13, 2023 — Visual Studio 2022 version 17.6.3
- May 25, 2023 — Visual Studio 2022 version 17.6.2
- May 22, 2023 — Visual Studio 2022 version 17.6.1
Visual Studio 2022 version 17.6
Support Timeframe
Enterprise and Professional users of Visual Studio 2022 version 17.6 who are configured to receive updates on the 17.6 LTSC channel are supported and will receive fixes to security vulnerabilities through January 2025. For more information about Visual Studio supported baselines, please review the Support Policy for Visual Studio 2022.
Click one of the buttons below to download the most secure release of Visual Studio 2022 version 17.6 from the 17.6 LTSC channel. Additional 17.6 LTSC products can be found on the Visual Studio Subscriptions site.
The Visual Studio Community edition is supported only on the Current Channel with the latest servicing release of the latest minor version of Visual Studio.
Visit the Visual Studio site to access links for the most current versions of the Visual Studio 2022 products. For instructions on installing and updating Visual Studio 2022, refer to Update Visual Studio 2022 to the most recent release. The Visual Studio Administrator's Guide contains guidance for how to deploy Visual Studio across your organization.
Visual Studio 2022 Blog
The Visual Studio 2022 Blog is the official source of product insight from the Visual Studio Engineering Team. You can find in-depth information about the Visual Studio 2022 releases in the following posts:
We’ve addressed a number of your top-reported bugs in this release and added new features based on your suggestions in Developer Community. Thank you for your continued feedback. Here’s a list of your suggestion we are shipping as part of this release.
Visual Studio 2022 version 17.6.21
released Novemeber 12th, 2024
What's New in this release
Security advisories addressed
- CVE-2024-43498.NET NrbfDecoder component Remote Code Execution Vulnerability
- CVE-2024-43499.NET NrbfDecoder component Denial of Service Vulnerability
- CVE-2024-49044 Visual Studio Elevation of Privilege Vulnerability
Visual Studio 2022 version 17.6.20
released October 8th, 2024
What's New in this release
Developer Community
Security advisories addressed
- CVE-2024-43483 .NET Denial of Service Vulnerability in System.Security.Cryptography.Cose, System.IO.Packaging, System.Runtime.Caching
- CVE-2024-43484 .NET Denial of Service Vulnerability in System.IO.Packaging
- CVE-2024-43485 .NET Denial of Service Vulnerability in System.Text.Json 6.0.x and 8.0.
- CVE-2024-43603 Denial of Service Vulnerability in Visual Studio Collector Service
- CVE-2024-43590 Elevation of Privilege Vulnerability in Visual Studio C++ Redistributable Installer
Visual Studio 2022 version 17.6.19
released September 10th, 2024
What's New in this release
Security advisories addressed
CVE-2024-35272 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
Visual Studio 2022 version 17.6.18
released August 13th, 2024
Summary of What's New in this release
Security advisories addressed
- CVE-2024-38167 - A vulnerability exists in .NET runtime TlsStream which may result in Information Disclosure.
- CVE-2024-38168 - A vulnerability exists in .NET when an attacker through unauthenticated requests may trigger a Denial of Service in ASP.NET HTTP.sys web server. This is a windows OS only vulnerability.
- CVE-2024-29187(Republished) - WiX based installers are vulnerable to binary hijack when run as SYSTEM
Visual Studio 2022 version 17.6.17
released July 9th, 2024
Summary of What's New in this release
- Update MinGit to v2.45.2.1 that includes GCM 2.5 which addresses an issue with the previous GCM version where it reported an error back to Git after cloning and made it appear like the clone had failed.
Security advisories addressed
- CVE-2024-38081 A Vulnerability exist in Visual Studio installer on Windows OS where an unprivileged user is allowed to manipulate the Visual Studio installation resulting in elevation of privilege.
- CVE-2024-30105 A vulnerability exists in .NET when calling the JsonSerializer.DeserializeAsyncEnumerable method against an untrusted input using System.Text.Json may result in Denial of Service.
- CVE-2024-38095 A Vulnerability exists when System.Formats.Asn1 in .NET parses an X.509 certificate or collection of certificates, a malicious certificate can result in excessive CPU consumption on all platforms result in Denial of Service.
- CVE-2024-35264 A Vulnerability exists in ASP.NET Core 8 where Data Corruption in Kestrel HTTP/3 can result in remote code execution.
Visual Studio 2022 version 17.6.16
released June 11th, 2024
Summary of What's New in this release
- After upgrading to Germanium build of Windows, WSL requires a manual upgrade. This can cause Visual Studio to hang when opening CMake projects.
- Fixed a bug in the PDB reading code to ignore expected failures in certain FASTLINK PDBs.
Developer Community
Security advisories addressed
- CVE-2024-30052 Remote Code Execution when debugging dump files that contain a malicious file with an appropriate extension
- CVE-2024-29060 Elevation of Privilege where affected installation of Visual Studio is running
- CVE-2024-29187 WiX based installers are vulnerable to binary hijack when run as SYSTEM
Visual Studio 2022 version 17.6.15
released May 14th, 2024
Summary of What's New in this release
- The "Xamarin" and "Xamarin Profiler" installer components have been marked "Out of support".
- This release also includes an OpenSSL update to v3.2.1
Security advisories addressed
- CVE-2024-32002 Recursive clones on case-insensitive filesystems that support symlinks are susceptible to Remote Code Execution.
- CVE-2024-32004 Remote Code Execution while cloning special-crafted local repositories
- CVE-2024-30045 A Remote Code Execution vulnerability exists in .NET 7.0 and .NET 8.0 where a stack buffer overrun occurs in .NET Double Parse routine.
- CVE-2024-30046 A Vulnerability exists in Microsoft.AspNetCore.Server.Kestrel.Core.dll where a dead-lock can occur resulting in Denial of Service.
Visual Studio 2022 version 17.6.14
released Apr 9th, 2024
Summary of What's New in this Release of Visual Studio 2022 version 17.6.14
- With this bug fix, a client can now use the bootstrapper in a layout and pass in the --noWeb parameter to install on a client machine and ensure that both the installer and the Visual Studio product are downloaded only from the layout. Previously, sometimes during the installation process, the installer would not respect the -noWeb parameter and would try to self-update itself from the web.
Security advisories addressed
- CVE-2024-21409 A use-after-free vulnerability exists in WPF which may result in Elevation of Privilege when viewing untrusted documents.
- CVE-2024-28929 This update addresses a remote code execution vulnerablity in the Microsoft ODBC Driver for Microsoft SQL Server.
- CVE-2024-28930 This update addresses a remote code execution vulnerablity in the Microsoft ODBC Driver for Microsoft SQL Server.
- CVE-2024-28931 This update addresses a remote code execution vulnerablity in the Microsoft ODBC Driver for Microsoft SQL Server.
- CVE-2024-28932 This update addresses a remote code execution vulnerablity in the Microsoft ODBC Driver for Microsoft SQL Server.
- CVE-2024-28933 This update addresses a remote code execution vulnerablity in the Microsoft ODBC Driver for Microsoft SQL Server.
- CVE-2024-28934 This update addresses a remote code execution vulnerablity in the Microsoft ODBC Driver for Microsoft SQL Server.
- CVE-2024-28935 This update addresses a remote code execution vulnerablity in the Microsoft ODBC Driver for Microsoft SQL Server.
- CVE-2024-28936 This update addresses a remote code execution vulnerablity in the Microsoft ODBC Driver for Microsoft SQL Server.
- CVE-2024-28937 This update addresses a remote code execution vulnerablity in the Microsoft ODBC Driver for Microsoft SQL Server.
- CVE-2024-28938 This update addresses a remote code execution vulnerablity in the Microsoft ODBC Driver for Microsoft SQL Server.
- CVE-2024-28941 This update addresses a remote code execution vulnerablity in the Microsoft ODBC Driver for Microsoft SQL Server.
- CVE-2024-28943 This update addresses a remote code execution vulnerablity in the Microsoft ODBC Driver for Microsoft SQL Server.
- CVE-2024-29043 This update addresses a remote code execution vulnerablity in the Microsoft ODBC Driver for Microsoft SQL Server.
Visual Studio 2022 version 17.6.13
released Mar 12th, 2024
Summary of What's New in this Release of Visual Studio 2022 version 17.6.13
Security advisories addressed
- CVE-2024-21392 A vulnerability exists in .NET where specially crafted requests may cause a resource leak, leading to a Denial of Service.
- CVE-2024-26190 A Vulnerability exist in MsQuic.dll which might result in a peer to allocate small chunks of memory as long as connection stays alive.
- CVE-2023-27911 This advisory is being republished to indicate that Autodesk® FBX® SDK is no longer supported in Visual Studio 2022.
Visual Studio 2022 version 17.6.12
released Feb 13th, 2024
Summary of What's New in this Release of Visual Studio 2022 version 17.6.12
Security advisories addressed
- CVE-2024-0057 A security feature bypass vulnerability exists when Microsoft .NET Framework-based applications use X.509 chain building APIs but do not completely validate the X.509 certificate due to a logic flaw.
- CVE-2024-21386 A vulnerability exist in ASP.NET applications using SignalR where a malicious client can result in a denial-of-service.
- CVE-2024-21404 A denial-of-service vulnerability exist in .NET with OpenSSL support when parsing X509 certificates.
Visual Studio 2022 version 17.6.11
released Jan 9th, 2024
Summary of What's New in this Release of Visual Studio 2022 version 17.6.11
- The updated version of IncrediBuild fixes an issue where building CMake projects using the standard build menu commands would incorrectly redirect the build to use IncrediBuild by default.
- Fix infinite recursion in ASan - In a newer version of Windows, ntdll has started calling
memset
in their exception handling machinery; thus, we must make sure that if we are called by ntdll, we need to make sure we don't throw any SEH exceptions from memset. - Updated MinGit to v2.43.0.1 which comes with OpenSSL v3.1.4 and addresses a regression where network operations were really slow under certain circumstances.
Security Advisories Addressed
- CVE-2024-20656 A vulnerability exists in the VSStandardCollectorService150 service, where local attackers can escalate privileges on hosts where an affected installation of Microsoft Visual Studio is running.
- CVE-2023-32027 This advisory is republished to address a Microsoft ODBC Driver for SQL Server Remote Code Execution vulnerability in Visual Studio.
- CVE-2023-32025 This advisory is republished to address a Microsoft ODBC Driver for SQL Server Remote Code Execution vulnerability in Visual Studio.
- CVE-2023-32026 This advisory is republished to address a Microsoft ODBC Driver for SQL Server Remote Code Execution vulnerability in Visual Studio.
- CVE-2023-29356 This advisory is republished to address a Microsoft ODBC Driver for SQL Server Remote Code Execution vulnerability in Visual Studio.
- CVE-2023-32028 This advisory is republished to address a Microsoft SQL OLE DB Remote Code Execution vulnerability in Visual Studio.
- CVE-2023-29349 This advisory is republished to address a Microsoft ODBC and OLE DB Remote Code Execution vulnerability in Visual Studio.
- CVE-2024-0057 A security feature bypass vulnerability exists when Microsoft .NET Framework-based applications use X.509 chain building APIs but do not completely validate the X.509 certificate due to a logic flaw.
- CVE-2024-0056 A vulnerability exists in the Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data provider where an attacker can perform an interception attack (sometimes called a MITM, or man-in-the-middle, attack) between the SQL client and the SQL server.
- CVE-2024-21319 Microsoft is releasing this security advisory to provide information about a vulnerability in the ASP.NET Core project templates.
Visual Studio 2022 version 17.6.10
released Nov 14th, 2023
Summary of What's New in this Release of Visual Studio 2022 version 17.6.10
- In VS 2022 v17.6, our update to the VC++ redist updated the directory in which files are installed. If you are depending on the documented way to reference these files, there should be no impact. But if you have hard-coded version directories in your app deployment scripts, you may need to update your build to reference the new location.
- Fixed infinite recursion in ASan - In a newer version of Windows, ntdll has started calling
memset
in their exception handling machinery; thus, we must make sure that if we are called by ntdll, we need to make sure we don't throw any SEH exceptions from memset. - Fixed a compiler crash during code analysis using /analyze option used together with /std:c++20 option.
- Fixed a crash in the use after move check (C26800) triggered by certain C++ patterns.
Developer Community Highlights
- V17.5.1: error MSB6006: "link.exe" exited with code -1073741819
- Visual Studio 2022 Update 5 compiler yields a series of syntax errors when using BOOST_SCOPE_EXIT/BOOST_SCOPE_EXIT_END macros inside a lambda
- AddressSanitizer (ASan) interception failed" error after updating vc_redist to 14.38.33126.1 (17.8.0 Preview 3.0)
- ICE under /analyze when consuming header units in compiler version 17.6.6 (Office; 17.6)
Security Advisories Addressed
- CVE-2023-36038 A vulnerability exists in ASP.NET IIS where a remote unauthenticated user can issue specially crafted requests to a .NET application which may result in denial of service.
- CVE-2023-36049 An elevation of privilege vulnerability exists in .NET where untrusted URIs provided to System.Net.WebRequest.Create can be used to inject arbitrary commands to backend FTP servers.
- CVE-2023-36558 A security feature bypass vulnerability exists in ASP.NET where an unauthenticated user is able to bypass validation on blazor server forms which could trigger unintended actions.
- CVE-2023-36042 A denial of service vulnerability exists in Visual Studio where a malformed decorated name can result in an infinite loop.
Visual Studio 2022 version 17.6.9
released Oct 24th, 2023
Summary of What's New in this Release of Visual Studio 2022 version 17.6.9
Security Advisories Republished
- CVE-2023-36799 A vulnerability exists in .NET where reading a maliciously crafted X.509 certificate may result in Denial of Service. This issue only affects Linux systems.
- CVE-2023-36796This security update addresses a vulnerability in DiaSymReader.dll when reading a corrupted PDB file which can lead to Remote Code Execution.
- CVE-2023-36794This security update addresses a vulnerability in DiaSymReader.dll when reading a corrupted PDB file which can lead to Remote Code Execution.
- CVE-2023-36793This security update addresses a vulnerability in DiaSymReader.dll when reading a corrupted PDB file which can lead to Remote Code Execution.
- CVE-2023-36792This security update addresses a vulnerability in DiaSymReader.dll when reading a corrupted PDB file which can lead to Remote Code Execution.
Visual Studio 2022 version 17.6.8
released Oct 10th, 2023
Summary of What's New in this Release of Visual Studio 2022 version 17.6.8
Developer Community Highlights
Security Advisories Addressed
- CVE-2023-36435 A memory leak vulnerability exists in MsQuic.dll which may lead to Denial of Service. This issue only affects Windows systems.
- CVE-2023-38171 A null pointer vulnerability exists in MsQuic.dll which may lead to Denial of Service. This issue only affects Windows systems.
- CVE-2023-44487 A vulnerability exists in the ASP.NET Core Kestrel web server where a malicious client may flood the server with specially crafted HTTP/2 requests, causing denial of service.
Visual Studio 2022 version 17.6.7
released Sep 12th, 2023
Summary of What's New in this Release of Visual Studio 2022 version 17.6.7
- Updated version of Git used by Visual Studio to v 2.41.0.3.
Developer Community Highlights
Security Advisories Addressed
- CVE-2023-36799 A vulnerability exists in .NET where reading a maliciously crafted X.509 certificate may result in Denial of Service. This issue only affects Linux systems.
- CVE-2023-36796This security update addresses a vulnerability in DiaSymReader.dll when reading a corrupted PDB file which can lead to Remote Code Execution.
- CVE-2023-36794This security update addresses a vulnerability in DiaSymReader.dll when reading a corrupted PDB file which can lead to Remote Code Execution.
- CVE-2023-36793This security update addresses a vulnerability in DiaSymReader.dll when reading a corrupted PDB file which can lead to Remote Code Execution.
- CVE-2023-36792This security update addresses a vulnerability in DiaSymReader.dll when reading a corrupted PDB file which can lead to Remote Code Execution.
- CVE-2023-36759This security update removes pgodriver.sys, where reading a malicious file can lead to Elevation of Privilege.
Visual Studio 2022 version 17.6.6
released Aug 8th, 2023
Summary of What's New in this Release of Visual Studio 2022 version 17.6.6
- Fixed a crash with IntelliSense involving the Inherited assignment operator.
- SQL file syntax highlighting should now work as expected.
- Fixed a recently introduced bug that could cause a compiler internal error during code analysis.
- Fixed C++ modules bugs and added several modules throughput improvements.
Developer Community Highlights
- TestExplorer unable to run GoogleTest tests since the "support" of namespaces in VS 17.6 preview 3
- Laggy visual studio when resizing
- SQL syntax not coloring in visual studio 2022 community
- SSDT: Opening Results pages is still broken in VS 2022 Version 17.7.0 Preview 3.0
- Fixed a pair of false warnings around loop construct that were introduced in 17.6 toolset
- Fixed an STL issue that could result in link failures due to missing symbols when linking x64 object files and libraries into ARM64EC programs
Security Advisories Addressed
- CVE-2023-35390 A vulnerability exists when some dotnet commands are used in directories with weaker permissions which can result in remote code execution.
- CVE-2023-38180 A vulnerability exists in Kestrel where, on detecting a potentially malicious client, Kestrel will sometimes fail to disconnect it, resulting in denial of service.
- CVE-2023-38178 A vulnerability exists in .NET Kestrel where a malicious client can bypass QUIC stream limit in HTTP/3 in both ASP.NET and .NET runtimes resulting in denial of service.
- CVE-2023-35391 A vulnerability exists in ASP.NET Core 2.1, .NET 7.0 and, .NET 6.0 applications using SignalR when redis backplane use might result in information disclosure.
- CVE-2023-36897 Visual Studio 2010 Tools for Office Runtime Spoofing Vulnerability This security update addresses a vulnerability where unauthenticated remote attacker can sign VSTO Add-ins deployments without a valid code signing certificate.
Visual Studio 2022 version 17.6.5
released July 11th, 2023
Summary of What's New in this Release of Visual Studio 2022 version 17.6.5
- Fixed an issue where switches over unsigned 64-bit integers could cause a crash on x86 and ARM targets.
- Fixes an issue in which users of Visual Basic with the Entity Framework Designer may have experienced compilation errors after saving an edmx file.
Developer Community Highlights
- WPF: XAML Designer has exited unexpectedly, ClickOnce does not work again.
- VS Community 2022 V.17.6.2: Error saving an .edmx file
- VSIXInstaller.exe in VS 2022 17.6.0 Preview 7: NullReferenceException, regression
Security Advisories Addressed
- CVE-2023-33127 .NET Remote Code Execution Vulnerability A vulnerability exists in .NET applications where the diagnostic server can be exploited to achieve cross-session/cross-user elevation of privilege (EoP) and code execution.
- CVE-2023-33170 .NET Security Feature Bypass Vulnerability A vulnerability exist in ASP.NET Core applications where account lockout maximum failed attempts may not be immediately updated, allowing an attacker to try more passwords.
Visual Studio 2022 version 17.6.4
released June 20th, 2023
Summary of What's New in this Release of Visual Studio 2022 version 17.6.4
- Fixed an issue where Saving a C++ file sometimes results in the IDE hanging.
- Fixed an issue when "Show All Files" mode is set for a VC project sometimes results from files in those projects will be missing in GoTo and FindInFiles.
- Fixed '__declspec(property) causes syntax errors with C++20 and /clr
- Fixed a race condition in ASAN initialization causing crashes on start up
- When multiple test projects are run in sequence, vstest.console can consume a lot of CPU because it is constantly polling for data from testhost that is started but not executing yet. This was mitigated by disabling testhost pre-start. This regression was introduced in 17.6.0.
- Fixes a MessagingRemoteException when an XCFramework is involved in MAUI targeting iOS. Ref xamarin/macios#18308.
- This version of Visual Studio includes Win App SDK 1.3.230502000. See Windows App SDK release channels - Windows appsfor more details.
- Includes servicing update 10.0.22621.1778 for Windows SDK for Windows 11. See Windows SDK for details.
- Fixed a bug where document tabs could accidentally undock into a floating window.
- Fixes some Visual Studio crashes on Solution Close.
Developer Community Highlights
- Internal compiler error compiling Xbox Series X UnrealEngine plugin with VS2022 17.6 Preview
- Find in Files is broken and returning partial results
- C++/CLR syntax error in VS 17.6.0 when compiling templated class with finalizer with C++20 support
- Compiler crashes for analysis of code including specialization of class template with nested non-template class referring to containing class
- Visual Studio 2022 always crash while selecting MS-Access as a data source
- TextTransform utility (TextTransform.exe) command line handling regression error in VS2022 17.6 LTSC
- Duplicate key strokes when editing javascript in cshtml file
- Experimental function "Sticky scroll" not selects items by cursor position
Visual Studio 2022 version 17.6.3
released June 13th, 2023
Summary of What's New in this Release of Visual Studio 2022 version 17.6.3
- A regression was introduced into the razor compiler that broke certain tag helpers with explicit partial classes. Until this bug is fixed customers can work around by pinning back to the 7.0.203 SDK.
Security Advisories Addressed
- CVE-2023-24897 Visual Studio Remote Code Execution Vulnerability This security update addresses a vulnerability in the MSDIA SDK where corrupted PDBs can cause heap overflow, leading to a crash or remote code execution.
- CVE-2023-25652 Visual Studio Remote Code Execution Vulnerability This security update addresses a vulnerability where specially crafted input to git apply –reject can lead to controlled content writes at arbitrary locations.
- CVE-2023-25815 Visual Studio Spoofing Vulnerability This security update addresses a vulnerability where Github localization messages refer to a hard-coded path instead of respecting the runtime prefix that leads to out-of-bound memory writes and crashes.
- CVE-2023-29007 Visual Studio Remote Code Execution Vulnerability This security update addresses a vulnerability in which a configuration file containing a logic error results in arbitrary configuration injection.
- CVE-2023-29011 Visual Studio Remote Code Execution Vulnerability This security update addresses a vulnerability in which the Git for Windows executable responsible for implementing a SOCKS5 proxy is susceptible to picking up an untrusted configuration on multi-user machines.
- CVE-2023-29012 Visual Studio Remote Code Execution Vulnerability This security update addresses a vulnerability in which the Git for Windows Git CMD program incorrectly searches for a program upon startup, leading to silent arbitrary code execution.
- CVE-2023-27909 Visual Studio Remote Code Execution Vulnerability This security update addresses an Out-Of-Bounds Write Vulnerability in Autodesk® FBX® SDK where version 2020 or prior may lead to code execution through maliciously crafted FBX files or information disclosure.
- CVE-2023-27910 Visual Studio Information Disclosure Vulnerability This security update addresses a vulnerability where a user may be tricked into opening a malicious FBX file that may exploit a stack buffer overflow vulnerability in Autodesk® FBX® SDK 2020 or prior which may lead to remote code execution.
- CVE-2023-27911 Visual Studio Remote Code Execution Vulnerability This security update addresses a vulnerability where a user may be tricked into opening a malicious FBX file that may exploit a heap buffer overflow vulnerability in Autodesk® FBX® SDK 2020 or prior which may lead to remote code execution.
- CVE-2023-33139 Visual Studio Information Disclosure Vulnerability This security update addresses a OOB vulnerability where the obj file parser in Visual Studios leads to information disclosure.
- CVE-2023-29331 .NET and Visual Studio Denial of Service Vulnerability This security update addresses a vulnerability where the AIA fetching process for client certificates can lead to denial of service.
- CVE-2023-24895 .NET and Visual Studio Remote Code Execution Vulnerability This security update addresses a vulnerability in the WPF XAML parser where an unsandboxed parser can lead to remote code execution.
- CVE-2023-24936 .NET and Visual Studio Elevation of Privilege Vulnerability This security update addresses a vulnerability in bypass restrictions when deserializing a DataSet or DataTable from XML, leading to an elevation of privilege.
- CVE-2023-32032 .NET Elevation of Privilege Vulnerability A vulnerability exists in .NET using extracting the contents of a Tar file which may result in elevation of privileges.
- CVE-2023-33126 .NET Remote Code Execution Vulnerability A vulnerability exists in .NET during crash and stack trace scenarios that could lead to loading arbitrary bin
- CVE-2023-33128 .NET Remote Code Execution Vulnerability A vulnerability exists in .NET source generator for P/Invokes that can lead to generated code freeing uninitialized memory and crashing.
- CVE-2023-33135 .NET Remote Code Execution Vulnerability A vulnerability exists in the .NET SDK during tool restore which can lead to an elevation of privilege.
Visual Studio 2022 version 17.6.2
released May 25th, 2023
Summary of What's New in this Release of Visual Studio 2022 version 17.6.2
Developer Community Highlights
- Syncfusion Controls like RibbonWindow and ChromelessWindows no longer rendering in designer preview
- RoslynPackage fails to initialize due to SettingsEditorFactory dependency error
Visual Studio 2022 version 17.6.1
released May 22rd, 2023
Summary of What's New in this Release of Visual Studio 2022 version 17.6.1
- We have made some updates to whatsnew content.
Visual Studio 2022 version 17.6
released May 16th, 2023
Summary of What's New in this Release of Visual Studio 2022 version 17.6
Developer Community Highlights
- Please add a way to hide the available tab in the Visual Studio Installer
- Ability to downgrade even when VS is installed from a layout 2 votes
- Misoptimization for ARM64 in 17.6 preview 2, symmetrical comparison optimized out
- VS hangs when shutting down solutions that contain C++ code.
- C++ /CLR regression in VS 17.6 Preview 1 when using the new C++20 support 1 vote
- Override editor feature doesn't work 3 votes
- Windows Forms designer since VS 17.5: "Unable to cast object of type 'System.Data.SqlClient.SqlCommand' to type 'Microsoft.Data.SqlClient.SqlCommand' 13 votes
- In certain scenarios break points are only being hit once when debugging a .NET MAUI app 1 vote
- Unable to edit publish profile on VS 2022 1 vote
- Unable to build WiX3 projects with msbuild that comes with 17.6 Preview 3
- git history fails with .vb files 1 vote
- Angular project: break point is not hit and browser is not launched when debugging on VS 2022
- Search eventually starts returning no results 11 votes
- Sync with Active Document is not working in CMake Targets View 32 votes
- Edge Developer Tools no longer included in Visual Studio
- Getting build error after selecting automatically deploy the database project before unit tests are run option 21 votes
- Build.Compile (Ctrl-F7) stopped working on some files after upgrading to 17.4 on CMake projects with Open Folder 7 votes
- Using msbuild.exe from the command line for Xamarin.iOS is unable to find AppIcons and hangs on completion 7 votes
- Large text string causes VS 2022 to hang 6 votes
- __sanitizer_annotate_contiguous_container declared inconsistenly in 17.3.0 3 votes
- Visual Studio crashes when opening a file is opened and then branch is changed and the file doesn't exist on that branch - Developer Community 1 vote
- Sqlproj file not building when it has certain master db references provided by VS's inbuilt master.dacpac file - Developer Community (visualstudio.com) 20 votes
- Visual Studio 17.5 broke SqlPackage.exe - Developer Community 19 votes
- SQL Unit Tests fail after 17.5 due to Keyword not supported: 'multiple active result sets' - Developer Community (visualstudio.com) 1 vote
- SSDT Advanced Settings will not persist - Developer Community (visualstudio.com) 15 votes
- Unable to open sql files in database project - Developer Community (visualstudio.com) 3 votes
F#:
- Introduced native "Go To Definition" functionality for navigating from C# to F#.
View supported scenarios here: #14377
- Improved parameter name hints by hiding them when they match argument names
- Enabled collapsible block comments for better readability
- Refined attribute completions by incorporating settable properties
- Resolved a "Find All References" bug that caused results to be divided into identically labeled groups
- Upgraded the "Go To All" feature experience by intelligently ordering results. See more details here: #14882
C++
- Sync with Active Document now works in the CMake Targets View. It finds the first location that matches the file’s full path and syncs with that document.
- We made improvements to the Solution - Close scenario, which makes closing a solution containing C++ projects faster. The overall perf improvements can make closing a solution in some cases from 20% faster for small codebases, to 50% faster in some cases for large solutions (1000+ projects). We expect the wins to be more noticeable in large projects. For Chromium, the improvements are typically 50% faster, saving 20 seconds of time.
- The version of Incredibuild bundled through Visual Studio Installer has been updated to version 10.1.9. You can read the Incredbuild 10 release notes for detailed information on new features and the latest changes.
- C++20 support for C++/CLI
/std:c++20
can now be used in conjunction with/clr
. This allows a wide range of C++20 constructs to be used with ISO C++ types. In particular, all C++20 headers can be#included
in a/clr
compilation without restrictions.- Two-phase name lookup (ISO C++
[temp.dep]
) is now the default when/std:c++20
or/std:c++17
is specified. Specifying/Zc:twoPhase-
is no longer required with/std:c++17
. Managed templates and generics are an exception and will be compiled as before, without two-phase lookup semantics. - Coroutines are always compiled to native code and any calls from managed code will incur a managed->native transition penalty.
- Concepts are supported for native types but use with managed types is forbidden and will result in a diagnostic.
- Module support is not yet implemented. Restricted module import support will be forthcoming in a future release.
- You can use the new CMake Debugger to debug your CMake scripts at configure time. You can set breakpoints based on filenames, line numbers, and when CMake errors are triggered. Additionally, you can view call stacks of filenames and watch defined variables. Currently, this only works with bundled CMake, and projects targeting WSL or remote machines are not supported yet. We are actively working to add more support to the CMake debugger, and feedback is greatly appreciated.
- You can now use the Create Member Function feature to quickly add constructors and equality operators to your classes. When you have a class with fields, three dots will appear under the class name, and hovering over them will display a screwdriver icon. The drop-down from the screwdriver icon will display the new member function suggestions. With this, you can add a default constructor, constructor with all fields, equality operator, and equality operator with all fields.
- HLSL (High Level Shading Language) is a DirectX-specific programming language used to create shaders in game development and rendering applications. The popular HLSL Tools extension by Tim Jones is now available as part of Visual Studio providing syntax highlighting, statement completion, go-to-definition, and more! To use HLSL Tools, please enable the component in the "Game development with C++" or "Game development with Unity" workload in the Visual Studio Installer.
- Improved performance for Go To and All In One Search for C++ Symbols.
- You can now view Unreal Engine logs without leaving Visual Studio. To open the log window, click View > Other Windows > Unreal Engine Log. After opening the UE log window, logs will be automatically streamed when you start the Unreal Editor with F5. You can also press the red Record button if attaching the debugger to your UE process is not feasible. To filter your logs, click on the "Categories" or "Verbosity" dropdowns.
- You can now import STM32CubeIDE projects for embedded development within Visual Studio with File > Open > Import STM32CubeIDE project. This generates a CMake project with device flashing and debugging settings for STLink. You must have the STM32CubeIDE installed with the board support package for your device. More details available here.
- With the new Remote File Explorer, you can browse, upload, and download files to your remote machine listed in the Connection Manager.
SQL
Support for Ledger
- The database ledger incrementally captures the state of a database as the database evolves over time, while updates occur on ledger tables. It logically uses a blockchain and Merkle tree data structures.
- We are adding Ledger functionality in Sql Server Data Tools similar to Azure Data Studio. SQL Ledger is an added feature in SQL 2022 that brings forth new table types, including the following:
- Append-only Ledger Tables
- Updateable Ledger Tables
- Ledger History Tables
- Dropped Ledger Tables
- Ledger Views
- Dropped Ledger Views
- We are providing the following use cases for Ledger:
- Viewing Ledger Tables, Views in SSOX.
- Creating Ledger Tables, Views from SSOX
- Creating a sqlproj with Ledger Tables. Right Click on Project-> Add Item -> Table Ledger (Updateable) or Table Ledger (Append-Only)
- Publishing th ledger to a SQL database
Git Tooling
- We made several updates in response to customer feedback including - Git: Can't undo changes while debugging and Visual Studio 2022 hangs when pasting in files, adding new files or deleting files.
Debugging, Diagnostics and Profiling
Breakpoint Groups
- Visual Studio debugger now supports Breakpoint Groups,which can allow you to quickly and easily manage numerous breakpoints in organized groups.
- You can create a new breakpoint group using the "New" dropdown in breakpoints window. To add a breakpoint to an existing group, right-click the breakpoint and choose "Add to Breakpoint Group". You can also drag and drop the breakpoint into the desired group. These breakpoint groups can be enabled, disabled, and deleted. The breakpoints can be toggled individually or in combination as needed.
The breakpoint groups also support Undo for Delete. You can use “Ctrl-z” to undo you breakpoint groups delete operation.
Along with this, breakpoint groups now support dependent breakpoint groups. you can make your breakpoint groups dependent on other breakpoints, so that the group only activates when the prerequisite breakpoint is hit.
Memory Tool Insights Sparse Arrays
- Visual Studio Memory Analysis tool now has the ability to identify and display sparse arrays. You can see the list objects with sparse array under the Insights tab.
- A Sparse Array is an array that is mostly filled with zero elements, which can be inefficient in terms of performance and memory usage. The memory analysis tool will automatically detect these arrays and show you how much memory is being wasted due to these zero values.
- The debugger now supports the inclusion of .natstepfilter and .natjmc files within individual solutions, rather than the previous global location. This alteration allows for more efficient collaboration within teams, as these files can now be treated as any other file within a repository and shared accordingly.
Instrumentation tool
- The Visual Studio Instrumentation tool now supports C++ code, providing improved performance analysis. To access the instrumentation tool, go to Debug > Performance Profiler and select "Instrumentation" from the Profiler window that appears.
- The Instrumentation Data View presents a list of functions ordered by longest-running, making it easier to identify potential bottlenecks. Additionally, the Hot Path section displays the call stack for the functions that are consuming the most CPU, providing further insight into performance issues.
Profiler Live Graph for .NET on WSL
- The Visual Studio profiling tools now also support live graphs while collecting from dotnet-monitor for WSL. The WSL live metrics are available for .NET object allocation, CPU usage, and the .NET counter tool.
- While the tool is initially collecting data from dotnet-monitor for WSL you can see the real-time graphing for live counter information, then you can stop collecting and see detailed breakdown views of memory allocation, call trees, functions, collections, and other related data.
.NET Object Allocation tool
- The .NET Object Allocation tool now features the ability to import allocations from a .NET data provider using ETL file formats. For example, if you have an ETL file obtained from a .NET provider that contains allocation tick events, the tool can execute and display the allocations made within that data.
Data Visualizers
- You can now use the IEnumerable and DataSet Visualizer to inspect your variables/objects when debugging .NET on Unix via SSH, Docker, or WSL.
- The HTML and XML debugger visualizer is now fully themed and supports Visual Studio's blue, light, and dark themes.
Call Stack and Parallel Stack windows
- The call stack window now supports search functionality. You can add desired search keywords in the search box, and the matching call stack frames will get highlighted. The window also had a new entry point for the parallel stacks providing quick access to the window while debugging.
- The parallel stack window now has new copy functionality. You can double-click on a frame to copy the stack/ shift & select frames of interest / select particular by clicking on the line and copy and then paste into your local notepad/excel to evaluate further.
Reattach to process
- The reattach to debugger process is now persistent to the solution/project across sessions. So you can reattach to processes that you were previously attached to, even after you open a new VS session.
Git Tooling Enhancements
Stage and Commit During Build
You can now stage your changes and commit your staged items during a build. Committing directly is a risky operation since your files may change, but now you can stage them, verify your files are correct, and commit them - all while a build is running.
GitHub Issues and Azure DevOps Work Items - Improved Search
Improving on our Issues and Work Items integration in the commit message, you now get better search results when querying for items that you haven't updated recently or that aren't related to you but are part of your project or repo. The search works by matching complete strings in your items' names. This can help minimize copy-pasting item ids between the browser and Visual Studio.
Improved Merge Dialog
Updates to our Merge Dialog make it easier to understand how many files are being affected and warn you if there might be conflicts.
Git History Perf Improvements
Drastic improvements to our Git History window now load previous commits faster, allowing you to dig into your file and folder history quicker than before!
New Branch and Tag Naming Enhancements
Improvements to the New Branch and New Tag dialogs automatically replace spaces with dashes to avoid invalid characters in the name.
GitHub Issues
The GitHub Issues integration allows you to search and reference your issues from the commit message box in VS, in response to this suggestion ticket. You can reference an issue or a pull request by typing # or clicking on the # button in the lower right side of the commit message text box. If you weren't already authenticated to access related issues, you will now be prompted to sign in to take advantage of this feature.
Line Unstaging
To continue improving our line-staging (aka interactive staging) feature, we've added unstage. You can now use the tool tip option to unstage changes, line by line, as requested here Unstage individual lines and hunks in a file - 4 votes
Arm64
We continue to build native support for Arm64 on Windows 11 for the most popular developer scenarios. We now support the .NET Multi-platform App UI (MAUI) workload on Arm64 Visual Studio.
Code Search and Navigation
We’ve updated the UI of All-in-One Search.
- Each result has more breathing room by taking up 2 lines of space.
- The window size and location persist from the last session of Visual Studio. The selected preview state (off, right, or bottom) is also saved.
- The default preview layout is set to the bottom.
Learn more at https://aka.ms/all-in-one-search-blog.
You can enable All-In-One Search: Tools > Manage Preview Features > "New Visual Studio Search experience (restart required)".
Sticky Scroll
- Sticky Scroll helps you orient where you are in the file and understand the context of the code you're looking at. As you scroll through your code, the class and method signatures and other headers will stick to the top of your screen. Clicking on a line in the header will navigate you to that code.
- Customize the maximum number of lines with "Maximum sticky lines".
- With “When number of scopes exceeds the maximum”, choose between higher-level scopes “Prefer outer scopes” or lower-level scopes “Prefer inner scopes”.
Enable in "Options > Text Editor > General > Sticky scroll (experimental)" by toggling the checkbox for "Group the current scopes within a scrollable region of the editor window".
Learn more at https://aka.ms/sticky-scroll-blog.
Brace Pair Colorization
With brace pair colorization, you can visually distinguish each set of opening and closing braces for your code making it easier to see your code's scope or find any missing braces.
Brace pair colorization is supported for C#, C++, TypeScript, JavaScript, Visual Basic, and Razor.
You can enable or disable colorization by going to Tools > Options > Text Editor and toggling the "Enable brace pair colorization" checkbox.
Lightbulb Performance Improvements
The lightbulb/code actions have been greatly improved through comprehensive redesign of the diagnostics and code analysis architecture. We have focused on optimizing all components involved in bringing up a lightbulb through a combination of low/medium/high level fixes.
- Low level fixes included limiting tree walks, more efficient string handling, improving efficiency in handling source text, extreme reduction in allocations, conversions, enumerations and data structure level optimizations in the diagnostics code paths
- Medium level fixes included cancelling background diagnostics (squiggles) when computing Lightbulb diagnostics, optimizing the background indexing, optimizing the diagnostics engine for queries run on a single document by limiting analyzers that are applicable per document, addressing significant inefficiencies in several 1st party/2nd party analyzers like PublicAPI analyzer and by improving our caching model
- High level fixes included heaving reworking the diagnostics pipeline to answer span oriented questions, infer which analyzers are applicable to run on particular spans, deprioritizing slow analyzers based on historical run info.
BEFORE & AFTER
![Before Lightbulb takes 7 cycles to complete](media/17.6/17.6ga-lightbulb-before.gif =400x) ![After Lightbulb is instaneous](media/17.6/17.6ga-lightbulb-after.gif =400x)
We've significantly improved both CPU and memory performance, particularly for large source files. In fact, we've managed to reduce the progress bar cycles of the Lightbulb scenario in a large source file from around 8-17 cycles to less than one cycle, as demonstrated in the gifs above.
Microsoft Teams Development Tools (Teams Toolkit)
- Add the feature flag "Teams App Configuration Improvements". The preview feature of Teams Toolkit enables developers to bring their existing internal and SaaS applications into Teams with Teams-native integration. In the
teamsfxapp.yml
file defines what Teams Toolkit engine does. - Add the deep link to open Teams Toolkit directly from Teams developer portal. You can now open Teams projects in developer portal and edit in Teams Toolkit.
- We have introduced a new Teams App templates for you to start with: Workflow Bot. Use the new Workflow Bot template to create sequential workflows where Adaptive Cards can be returned in response to user input.
- We have also made several bug fixes.
Enterprise Management
Host and Deploy Visual Studio layouts from your intranet
IT Administrators will now be able to host and deploy layouts on an intranet website in addition to a file share. Using an intranet location can simplify layout maintenance and improve installation performance, particularly for those organizations that currently use multiple global network file shares. View guidance for how to enable this experience and leave us feedback to let us know if there's anything we can do to improve it.
Updates to the Product Offerings on the Installer's Available tab
We’ve updated the logic that governs which products are offered when you view the Visual Studio installer’s “Available” tab. You should now have easy access to both the current Previews, as well as the latest versions of SKUs you already have installed. IT Administrators also have the ability to restrict exposure to certain products by either disabling specific channels or by using the new HideAvailableTab policy to suppress the visibility of the Available tab.
Latest Installer Everywhere
We will start shipping the latest installer everywhere, which means that all future updates to all versions of Visual Studio 2017 and higher will include the latest installer. This means that any new functionality or bug fixes that we add to the latest installer (such as the ability to rollback an installation sourced from a layout) will be automatically available to use in those downlevel versions of the product. Using the --useLatestInstaller parameter in your acquisition scripts will no longer be necessary.
Rollback is now enabled for Product Installations Sourced from a Layout
You can now rollback an update if the product sources originated from a layout. Just make sure that the layout contains the packages needed for the rollback to be successful. More details can be found here.
.NET MAUI
- Updates .NET MAUI to 7.0.86 (SR6), see https://aka.ms/dotnet-maui-releases for release notes.
- Updates to .NET for Android 33.0.46
- Updates to .NET for iOS 16.4.7060
Known Issues
Dotnet format users with a global json pointing to the 7.0.3xx SDK error out with ReflectionTypeLoadException. This is due to a missing dependency update in the format tool. The temporary workaround is to use 7.0.203.
When upgrading to the .NET 7.0.3xx SDK Razor / Blazor customers may encounter an error of the form Multiple components use the tag '....'
This is due to a bug in the razor compiler that is being addressed. Until that is fixed users can work around the issue by pinning the 7.0.20xx SDK using global.json. https://github.com/dotnet/razor/issues/8718
RoslynPackage fails to initialize due to SettingsEditorFactory dependency error After upgrading Visual Studio to version 17.6.1, some customers have encountered an issue where Visual Studio fails to load Roslyn and other packages. This problem occurs due to an assembly mismatch.
Solution: To resolve the issue, upgrade Visual Studio to version 17.6.2 and restart the Visual Studio.
Additional solution: If you are still experiencing the error after upgrading, they you can try deleting the MEF cache files located at %LOCALAPPDATA%\Microsoft\VisualStudio\17.0_XXXX\ComponentModelCache, where XXXX is a random ID. Before deleting the files it is recommended to take a backup of them. Then restart the Visual Studio.
Feedback and suggestions
We would love to hear from you! You can Report a Problem or Suggest a Feature by using the Send Feedback icon in the upper right-hand corner of either the installer or the Visual Studio IDE, or from Help > Send Feedback. You can track your issues by using Visual Studio Developer Community, where you add comments or find solutions. You can also get free installation help through our Live Chat support.
Blogs
Take advantage of the insights and recommendations available in the Developer Tools Blogs site to keep you up-to-date on all new releases and include deep dive posts on a broad range of features.