Visual Studio 2019 version 16.11 Release Notes
Developer Community | System Requirements | Compatibility | Distributable Code | Release History | License Terms | Blogs | Whats New in Visual Studio Docs
Note
This is not the latest version of Visual Studio. To download the latest release, please visit the Visual Studio site.
Visual Studio 2019 version 16.11 is the fifth and final supported servicing baseline for Visual Studio 2019. Enterprise and Professional customers needing to adopt a long term stable and secure development environment are encouraged to standardize on this version. As explained in more detail in our lifecycle and support policy, version 16.11 will be supported with fixes and security updates through April 2029, which is the remainder of the Visual Studio 2019 product lifecycle.
In addition, now that version 16.11 is available, version 16.9, which was the last servicing baseline, will be supported for an additional 12 months and will go out of support in October 2022. Note as well that versions 16.10 is no longer under support either. These intermediary releases received servicing fixes only until the next minor update released.
You can acquire the latest most secure version of Visual Studio 2019 version 16.11, by visiting the Visual Studio site, or by going to the downloads section of my.visualstudio.com. You can get updates from the Microsoft Update catalog. For more information about Visual Studio supported baselines, please review the support policy for Visual Studio 2019.
- November 12, 2024 — Visual Studio 2019 version 16.11.42
- October 8, 2024 — Visual Studio 2019 version 16.11.41
- September 10, 2024 — Visual Studio 2019 version 16.11.40
- August 13, 2024 — Visual Studio 2019 version 16.11.39
- July 9, 2024 — Visual Studio 2019 version 16.11.38
- June 11, 2024 — Visual Studio 2019 version 16.11.37
- May 14, 2024 — Visual Studio 2019 version 16.11.36
- April 9, 2024 — Visual Studio 2019 version 16.11.35
- February 13, 2024 — Visual Studio 2019 version 16.11.34
- January 9, 2024 — Visual Studio 2019 version 16.11.33
- November 14, 2023 — Visual Studio 2019 version 16.11.32
- October 12, 2023 — Visual Studio 2019 version 16.11.31
- September 12, 2023 — Visual Studio 2019 version 16.11.30
- August 8, 2023 — Visual Studio 2019 version 16.11.29
- July 25, 2023 — Visual Studio 2019 version 16.11.28
- June 13, 2023 — Visual Studio 2019 version 16.11.27
- April 11, 2023 — Visual Studio 2019 version 16.11.26
- March 14, 2023 — Visual Studio 2019 version 16.11.25
- February 14, 2023 — Visual Studio 2019 version 16.11.24
- January 10, 2023 — Visual Studio 2019 version 16.11.23
- December 13, 2022 — Visual Studio 2019 version 16.11.22
- November 8, 2022 — Visual Studio 2019 version 16.11.21
- October 11, 2022 — Visual Studio 2019 version 16.11.20
- September 13, 2022 — Visual Studio 2019 version 16.11.19
- August 9, 2022 — Visual Studio 2019 version 16.11.18
- July 12, 2022 — Visual Studio 2019 version 16.11.17
- June 14, 2022 — Visual Studio 2019 version 16.11.16
- May 17, 2022 — Visual Studio 2019 version 16.11.15
- May 10, 2022 — Visual Studio 2019 version 16.11.14
- April 19, 2022 — Visual Studio 2019 version 16.11.13
- April 12, 2022 — Visual Studio 2019 version 16.11.12
- March 8, 2022 — Visual Studio 2019 version 16.11.11
- February 8, 2022 — Visual Studio 2019 version 16.11.10
- January 11, 2022 — Visual Studio 2019 version 16.11.9
- December 14, 2021 — Visual Studio 2019 version 16.11.8
- November 16, 2021 — Visual Studio 2019 version 16.11.7
- November 09, 2021 — Visual Studio 2019 version 16.11.6
- October 12, 2021 — Visual Studio 2019 version 16.11.5
- October 05, 2021 — Visual Studio 2019 version 16.11.4
- September 14, 2021 — Visual Studio 2019 version 16.11.3
- August 25, 2021 — Visual Studio 2019 version 16.11.2
- August 16, 2021 — Visual Studio 2019 version 16.11.1
- August 10, 2021 — Visual Studio 2019 version 16.11.0
- Visual Studio 2019 version 16.10 Release Notes
- Visual Studio 2019 version 16.9 Release Notes
- Visual Studio 2019 version 16.8 Release Notes
- Visual Studio 2019 version 16.7 Release Notes
- Visual Studio 2019 version 16.6 Release Notes
- Visual Studio 2019 version 16.5 Release Notes
- Visual Studio 2019 version 16.4 Release Notes
- Visual Studio 2019 version 16.3 Release Notes
- Visual Studio 2019 version 16.2 Release Notes
- Visual Studio 2019 version 16.1 Release Notes
- Visual Studio 2019 version 16.0 Release Notes
The Visual Studio 2019 Blog is the official source of product insight from the Visual Studio Engineering Team. You can find in-depth information about the Visual Studio 2019 releases in the following posts:
- Visual Studio 2019 v16.11 is Available Now!
- Visual Studio 2019 v16.10 and v16.11 Preview 1 are Available Today!
- Enhanced Productivity with Git in Visual Studio
- Available Today! Visual Studio 2019 v16.9 and v16.10 Preview 1
- Visual Studio 2019 v16.9 Preview 3 is Available Today!
- Visual Studio 2019 v16.9 Preview 2 and New Year Wishes Coming to You!
- Visual Studio 2019 v16.8 and v16.9 Preview Available Today
- New Features in Visual Studio 2019 v16.8 Preview 3.1
- Visual Studio 2019 v16.8 Preview 2 Releases New Features Today!
- Visual Studio 2019 v16.7 and v16.8 Preview 1 Release Today!
- Visual Studio 2019 v16.7 Preview 2 Available Today!
- Exciting new updates to the Git experience in Visual Studio
- Releasing Today! Visual Studio 2019 v16.6 & v16.7 Preview 1
- Visual Studio 2019 version 16.6 Preview 2 Releases New Features Your Way
- Visual Studio 2019 version 16.5 is now available!
- 'Tis the Season for Visual Studio 2019 v16.4 Release
- Visual Studio 2019 v16.4 Preview 2, Fall Sports, and Pumpkin Spice
- .NET Core Support and More in Visual Studio 2019 version 16.3 - Update Now!
- Visual Studio 2019 version 16.3 Preview 2 and Visual Studio 2019 for Mac version 8.3 Preview 2 Released!
- Visual Studio 2019 version 16.2 and 16.3 Preview 1 now available
- Visual Studio 2019 version 16.2 Preview 2
- Visual Studio 2019 version 16.1 and Preview 16.2 Preview
- Visual Studio 2019: Code faster. Work smarter. Create the future.
released November 12th, 2024
released October 8th, 2024
- CVE-2024-43603 Denial of Service Vulnerability in Visual Studio Collector Service
- CVE-2024-43590 Elevation of Privilege Vulnerability in Visual Studio C++ Redistributable Installer
released September 10th, 2024
CVE-2024-35272 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
released August 13th, 2024
- IntelliCode model update, so users will get the models directly and are no longer dependent on backend services for downloads.
- CVE-2024-29187(Republished) - WiX based installers are vulnerable to binary hijack when run as SYSTEM
released July 9th, 2024
- Version 6.2 of AzCopy is no longer distributed as part of the Azure Workload in Visual Studio due to deprecation. The latest supported release of AzCopy can be downloaded from Get started with AzCopy.
- Update MinGit to v2.45.2.1 that includes GCM 2.5 which addresses an issue with the previous GCM version where it reported an error back to Git after cloning and made it appear like the clone had failed.
released June 11th, 2024
- After upgrading to Germanium build of Windows, WSL requires a manual upgrade. This can cause Visual Studio to hang when opening CMake projects.
- CVE-2024-30052 Remote Code Execution when debugging dump files that contain a malicious file with an appropriate extension
- CVE-2024-29060 Elevation of Privilege where affected installation of Visual Studio is running
- CVE-2024-29187 WiX based installers are vulnerable to binary hijack when run as SYSTEM
released May 14th, 2024
- This release includes an OpenSSL update to v3.2.1
- CVE-2024-32002 Recursive clones on case-insensitive filesystems that support symlinks are susceptible to Remote Code Execution.
- CVE-2024-32004 Remote Code Execution while cloning special-crafted local repositories
released April 9th, 2024
- With this bug fix, a client can now use the bootstrapper in a layout and pass in the --noWeb parameter to install on a client machine and ensure that both the installer and the Visual Studio product are downloaded only from the layout. Previously, sometimes during the installation process, the installer would not respect the -noWeb parameter and would try to self-update itself from the web.
- CVE-2024-28929 This update addresses a remote code execution vulnerablity in the Microsoft ODBC Driver for Microsoft SQL Server.
- CVE-2024-28930 This update addresses a remote code execution vulnerablity in the Microsoft ODBC Driver for Microsoft SQL Server.
- CVE-2024-28931 This update addresses a remote code execution vulnerablity in the Microsoft ODBC Driver for Microsoft SQL Server.
- CVE-2024-28932 This update addresses a remote code execution vulnerablity in the Microsoft ODBC Driver for Microsoft SQL Server.
- CVE-2024-28933 This update addresses a remote code execution vulnerablity in the Microsoft ODBC Driver for Microsoft SQL Server.
- CVE-2024-28934 This update addresses a remote code execution vulnerablity in the Microsoft ODBC Driver for Microsoft SQL Server.
- CVE-2024-28935 This update addresses a remote code execution vulnerablity in the Microsoft ODBC Driver for Microsoft SQL Server.
- CVE-2024-28936 This update addresses a remote code execution vulnerablity in the Microsoft ODBC Driver for Microsoft SQL Server.
- CVE-2024-28937 This update addresses a remote code execution vulnerablity in the Microsoft ODBC Driver for Microsoft SQL Server.
- CVE-2024-28938 This update addresses a remote code execution vulnerablity in the Microsoft ODBC Driver for Microsoft SQL Server.
- CVE-2024-28941 This update addresses a remote code execution vulnerablity in the Microsoft ODBC Driver for Microsoft SQL Server.
- CVE-2024-28943 This update addresses a remote code execution vulnerablity in the Microsoft ODBC Driver for Microsoft SQL Server.
- CVE-2024-29043 This update addresses a remote code execution vulnerablity in the Microsoft ODBC Driver for Microsoft SQL Server.
released February 13th, 2024
- fatal error C1001: Internal compiler error
- VS2022 is using too old node.js version 16 - any plans to upgrade?
- CVE-2024-0057 A security feature bypass vulnerability exists when Microsoft .NET Framework-based applications use X.509 chain building APIs but do not completely validate the X.509 certificate due to a logic flaw.
released January 9th, 2024
- Updated MinGit to v2.43.0.1 which comes with OpenSSL v3.1.4 and addresses a regression where network operations were really slow under certain circumstances.
- CVE-2024-20656 A vulnerability exists in the VSStandardCollectorService150 service, where local attackers can escalate privileges on hosts where an affected installation of Microsoft Visual Studio is running.
- CVE-2023-32027 This advisory is republished to address a Microsoft ODBC Driver for SQL Server Remote Code Execution vulnerability in Visual Studio.
- CVE-2023-32025 This advisory is republished to address a Microsoft ODBC Driver for SQL Server Remote Code Execution vulnerability in Visual Studio.
- CVE-2023-32026 This advisory is republished to address a Microsoft ODBC Driver for SQL Server Remote Code Execution vulnerability in Visual Studio.
- CVE-2023-29356 This advisory is republished to address a Microsoft ODBC Driver for SQL Server Remote Code Execution vulnerability in Visual Studio.
- CVE-2023-32028 This advisory is republished to address a Microsoft SQL OLE DB Remote Code Execution vulnerability in Visual Studio.
- CVE-2023-29349 This advisory is republished to address a Microsoft ODBC and OLE DB Remote Code Execution vulnerability in Visual Studio.
released November November 14th, 2023
- CVE-2023-36042 A denial of service vulnerability exists in Visual Studio where a malformed decorated name can result in an infinite loop.
released October 10th, 2023
- Updated version of Git used by Visual Studio to v 2.41.0.3.
released September 12th, 2023
- CVE-2023-36796This security update addresses a vulnerability in DiaSymReader.dll when reading a corrupted PDB file which can lead to Remote Code Execution.
- CVE-2023-36794This security update addresses a vulnerability in DiaSymReader.dll when reading a corrupted PDB file which can lead to Remote Code Execution.
- CVE-2023-36793This security update addresses a vulnerability in DiaSymReader.dll when reading a corrupted PDB file which can lead to Remote Code Execution.
- CVE-2023-36792This security update addresses a vulnerability in DiaSymReader.dll when reading a corrupted PDB file which can lead to Remote Code Execution.
- CVE-2023-36759This security update removes pgodriver.sys, where reading a malicious file can lead to Elevation of Privilege
released August 8th, 2023
- Addressed an issue where VSWhere's all switch would not return instances in an un-launchable state.
- CVE-2023-36897 Visual Studio 2010 Tools for Office Runtime Spoofing Vulnerability This security update addresses a vulnerability where unauthenticated remote attacker can sign VSTO Add-ins deployments without a valid code signing certificate.
released July 25th, 2023
released June 13th, 2023
- ActiveX Control Variable wizard will generate ActiveX properties as well as functions, restoring the functionality from Visual Studio 2015.
- As part of this update, to address CVE-2023-27909, CVE-2023-27910, and CVE-2023-27911, we are removing .fbx and .dae support. This is a third-party x86 component that is no longer supported by the author. Affected users should use the fbx editor.
- JSON Schemas don't work with localized Visual Studio
- JumpThreading Fix for JT value numbering invalidation
- CVE-2023-24897 Visual Studio Remote Code Execution Vulnerability This security update addresses a vulnerability in the MSDIA SDK where corrupted PDBs can cause heap overflow, leading to a crash or remote code execution.
- CVE-2023-25652 Visual Studio Remote Code Execution Vulnerability This security update addresses a vulnerability where specially crafted input to git apply –reject can lead to controlled content writes at arbitrary locations.
- CVE-2023-25815 Visual Studio Spoofing Vulnerability This security update addresses a vulnerability where Github localization messages refer to a hard-coded path instead of respecting the runtime prefix that leads to out-of-bound memory writes and crashes.
- CVE-2023-29007 Visual Studio Remote Code Execution Vulnerability This security update addresses a vulnerability in which a configuration file containing a logic error results in arbitrary configuration injection.
- CVE-2023-29011 Visual Studio Remote Code Execution Vulnerability This security update addresses a vulnerability in which the Git for Windows executable responsible for implementing a SOCKS5 proxy is susceptible to picking up an untrusted configuration on multi-user machines.
- CVE-2023-29012 Visual Studio Remote Code Execution Vulnerability This security update addresses a vulnerability in which the Git for Windows Git CMD program incorrectly searches for a program upon startup, leading to silent arbitrary code execution.
- CVE-2023-27909 Visual Studio Remote Code Execution Vulnerability This security update addresses an Out-Of-Bounds Write Vulnerability in Autodesk® FBX® SDK where version 2020 or prior may lead to code execution through maliciously crafted FBX files or information disclosure.
- CVE-2023-27910 Visual Studio Information Disclosure Vulnerability This security update addresses a vulnerability where a user may be tricked into opening a malicious FBX file that may exploit a stack buffer overflow vulnerability in Autodesk® FBX® SDK 2020 or prior which may lead to remote code execution.
- CVE-2023-27911 Visual Studio Remote Code Execution Vulnerability This security update addresses a vulnerability where a user may be tricked into opening a malicious FBX file that may exploit a heap buffer overflow vulnerability in Autodesk® FBX® SDK 2020 or prior which may lead to remote code execution.
- CVE-2023-33139 Visual Studio Information Disclosure Vulnerability This security update addresses a OOB vulnerability where the obj file parser in Visual Studios leads to information disclosure.
released April 11th, 2023
- Fixed an issue in IIS Express that could cause a crash when updating telemetry data.
- Fixed a crash when invalid input is sent to the driver used during PGO training for kernel mode drivers.
- CVE-2023-28296 Visual Studio Remote Code Execution Vulnerability
- CVE-2023-28299 Visual Studio Spoofing Vulnerability
- CVE-2023-28262 Visual Studio Elevation of Privilege Vulnerability
- CVE-2023-28263 Visual Studio Information Disclosure Vulnerability
released March 14th, 2023
- Git 2.39 has renamed the value for credential.helper from "manager-core" to "manager". See https://aka.ms/gcm/rename for more information.
- Updates to mingit and Git for Windows package to v2.39.2, which addresses CVE-2023-22490
- CVE-2023-22490 Mingit Remote Code Execution Vulnerability
- CVE-2023-22743 Git for Windows Installer Elevation of Privilege Vulnerability
- CVE-2023-23618 Git for Windows Remote Code Execution Vulnerability
- CVE-2023-23946 Mingit Remote Code Execution Vulnerability
released February 14th, 2023
- Updated CPython interpreter to version 3.9.13.
- Updated mingit and Git for Windows package to v2.39.1.1, which addresses CVE-2022-41903
- CVE-2023-21566 Visual Studio Installer Elevation of Privilege Vulnerability
- CVE-2023-21567 Visual Studio Denial of Service Vulnerability
- CVE-2023-21808 .NET and Visual Studio Remote Code Execution Vulnerability
- CVE-2023-21815 Visual Studio Remote Code Execution Vulnerability
- CVE-2023-23381 Visual Studio Code Remote Code Execution Vulnerability
- CVE-2022-23521 gitattributes parsing integer overflow
- CVE-2022-41903 Heap overflow in
git archive
,git log --format
leading to RCE - CVE-2022-41953 Git GUI Clone Remote Code Execution Vulnerability
released January 10th, 2023
- CVE-2023-21538 .NET Denial of Service Vulnerability A denial of service vulnerability exists in .NET 6.0 where a malicious client could cause a stack overflow which may result in a denial of service attack when an attacker sends an invalid request to an exposed endpoint.
released December 13th, 2022
- CVE-2022-41089 Remote Code Execution A remote code execution vulnerability exists in .NET Core 3.1, .NET 6.0, and .NET 7.0, where a malicious actor could cause a user to run arbitrary code as a result of parsing maliciously crafted xps files.
released November 8th, 2022
- Added conditional guards to fix incorrect references in AMD64 optimizations for boost, stl_interfaces.
- CVE-2022-41119 Remote Code Execution Heap Overflow Vulnerbaility in Visual Studio
- CVE-2022-39253 Information Disclosure Local clone optimization dereferences symbolic links by default
released October 11, 2022
- Made Resource View appear more reliably for projects that are reloaded
- Administrators will be able to update the VS Installer on an offline client machine from a layout without updating VS.
- CVE-2022-41032 .NET Elevation of Privilege Vulnerability A vulnerability exists in .NET 7.0.0-rc.1, .NET 6.0, .NET Core 3.1, and NuGet clients (NuGet.exe, NuGet.Commands, NuGet.CommandLine, NuGet.Protocol) where a malicious actor could cause a user to execute arbitrary code.
released Septemenber 13, 2022
- Made Resource View appear more reliably for projects that are reloaded
- CVE-2022-38013 .NET Denial of Service VulnerabilityA denial of service vulnerability exists in ASP.NET Core 3.1 and .NET 6.0 where a malicious client could cause a stack overflow which may result in a denial of service attack when an attacker sends a customized payload that is parsed during model binding.
released August 9th, 2022
- Coded UI in VS2019 - VS crashing when opening and/or expanding UI maps
- Launching multiple startup projects fails with the error message
- CVE-2022-34716 .NET Information Disclosure Vulnerability An information disclosure vulnerability exists in .NET 6.0 and .NET Core 3.1 that could lead to unauthorized access of privileged information.
- CVE-2022-31012 Remote Code Execution Git for Windows' installer can be tricked into executing an untrusted binary
- CVE-2022-29187 Elevation of Privilege Malicious users can create a .git directory in a folder that is owned by a super-user
- CVE-2022-35777 Remote Code Execution Visual Studio 2022 Preview Fbx File parser Heap overflow Vulnerability
- CVE-2022-35825 Remote Code Execution Visual Studio 2022 Preview Fbx File parser OOBW Vulnerability
- CVE-2022-35826 Remote Code Execution Visual Studio 2022 Preview Fbx File parser Heap overflow Vulnerability
- CVE-2022-35827 Remote Code Execution Visual Studio 2022 Preview Fbx File parser Heap OOBW Vulnerability
released July 12, 2022
- Updated LibraryManager to accommodate changes to cdnjs API
released June 14, 2022
- CVE-2022-30184 .NET Information Disclosure Vulnerability A vulnerability exists in .NET 6.0 and .NET Core 3.1 within NuGet where a credential leak can occur.
- CVE-2022-24513 Elevation of privilege vulnerability A potential elevation of privilege vulnerability exists when the Microsoft Visual Studio updater service improperly parses local configuration data.
released May 17, 2022
- Fixed connections for Azure SQL Managed Instance in SQL Server Data Tools, including Schema Compare and SQL Server explorer. Note: Support for Azure Arc enabled Managed Instance is pending a future release (In the Community)
released May 10, 2022
- Added the implementation for the remaining C++20 defect reports (a.k.a. backports). All C++20 features are now available under the /std:c++20 switch. For more information about the implemented backports, please see C++20 Defect Reports project on microsoft/STL GitHub repository and this blogpost
- Updated Git for Windows version consumed by Visual Studio and installable optional component to 2.36.0.1
- Fixed an issue with git integration, where if pulling/synchronizing branches that have diverged, output window would not show a localized hint on how to resolve it.
CVE-2022-29117 .NET Denial of Service Vulnerability A vulnerability exists in .NET 6.0, .NET 5.0 and .NET Core 3.1 where a malicious client can manipulate cookies and cause a Denial of Service.
CVE-2022-23267 .NET Core Denial of Service Vulnerability A vulnerability exists in .NET 6.0, .NET 5.0 and .NET Core 3.1 where a malicious client can cause a Denial of Service via excess memory allocations through HttpClient.
CVE-2022-29145 .NET Denial of Service Vulnerability A vulnerability exists in .NET 6.0, .NET 5.0 and .NET Core 3.1 where a malicious client can can cause a Denial of Service when HTML forms are parsed.
CVE-2022-24513 Elevation of privilege vulnerability A potential elevation of privilege vulnerability exists when the Microsoft Visual Studio updater service improperly parses local configuration data.
released April 19, 2022
- Fixed vctip.exe regression from 16.11.12
- Fixed a bug that prevented some applications built with Address Sanitizer (ASAN) to load in Windows 11.
- Fixed another ASAN issue where multi-threaded applications with heap contention may experience deadlocks, false "wild pointer freed" reports, or a deadlock during process exit.
released April 12, 2022
- Fixed an issue that would cause some animations for test execution to run in the background even when the associated test executions were complete. This causes slowdowns that were especially noticeable on high refresh rate monitors. The fix should improve the experience of using VS on high refresh rate monitors.
- Removed an unnecessary warning when connecting to a LiveShare server that didn't offer certain functionality used by the client.
- Optimized Qt applications crash on startup on ARM64
- I get an error Live Share: The user of the output channel works with limited functionality due to the absence of a dependent service.
- Find in IVsTextImage does not work in VisualStudio 2019
CVE-2022-24765 Elevation of privilege vulnerability A potential elevation of privilege vulnerability exists in Git for Windows, in which Git operations could run outside a repository while seraching for a Git directory. Git for Windows is now updated to version 2.35.2.1.
CVE-2022-24767 DLL hijacking vulnerability A potential DLL hijacking vulnerability exists in Git for Windows installer, when running the uninstaller under the SYSTEM user account. Git for Windows is now updated to version 2.35.2.1.
CVE-2022-24513 Elevation of privilege vulnerability A potential elevation of privilege vulnerability exists when the Microsoft Visual Studio updater service improperly parses local configuration data.
released March 8, 2022
- Fixed an issue with remote debugging, especially affecting Azure App Service, where authentication failures would sometimes fail with 'The connection with the remote endpoint was terminated' and Visual Studio would not prompt for credentials.
- Improved performance on high refresh rate monitors.
- Internal compiler error in fold expression with += operator on 16.11
- consteval constructor and C7595
- cl does not make special member functions implicitly constexpr
- Can't have freestanding requires expressions
- There are no configured extension galleries in VS 2019
- Sql Server object explorer does not show indexes
- SQL project does not build if it has File storage tables
CVE-2020-8927 Vulnerability A Remote code Execution vulnerability exists in .NET 5.0 and .NET Core 3.1 where a buffer overflow exists in the Brotli library versions prior to 1.0.8.
CVE-2022-24464 Vulnerability A denial of service vulnerability exists in .NET 6.0, .NET 5.0, and .NET CORE 3.1 when parsing certain types of http form requests.
CVE-2022-24512 Vulnerability A Remote Code Execution vulnerability exists in .NET 6.0, .NET 5.0, and .NET Core 3.1 where a stack buffer overrun occurs in .NET Double Parse routine.
CVE-2021-3711 OpenSSL Buffer Overflow vulnerability A potential buffer overflow vulnerability exists in OpenSSL, which is consumed by Git for Windows. Git for Windows is now updated to version 2.35.1.2, which addresses this issue.
released February 8, 2022
- Fixed an issue that has caused sporadic C++ linker crashes.
- Silent bad codegen issue with x64.
- An issue that prevented files from being deleted while they were being processed by background C++ static analysis.
- Resolved an issue in C++ ATL CString equality operator under C++20 mode.
- Fixed an issue that could have prevented an initializer from running in a load test scenario.
- Missing comparison operators between LPCWSTR and CString in VS 16.11.8
- x64 optimizer bug VC++2019 16.11.4
CVE-2022-21986 Vulnerability A Denial of Service vulnerability exists in .NET 5.0 and .NET 6.0 when the Kestrel web server processes certain HTTP/2 and HTTP/3 requests.
released January 11, 2022
- Fixed an issue with being unable to debug applications multiple times when Windows Terminal is used as the default terminal.
- Setup fix to unblock customers on restricted configurations
- Fixed an issue that prevented a client from being able to update a more current bootstrapper. Once the client is using the bootstrapper and installer that shipped January 2022 or later, all updates using subsequent bootstrappers should work for the duration of the product lifecycle.
- Addressed occasional instance where VSInstr would not exit when instrumenting a binary with volatile metadata causing Instrumentation Profiling to fail.
- Fixed an issue were compiling C++ code with very large functions using /Og or #pragma optimize("g") can generate invalid code (bad codegen)
- Fixed a bug in C++ Concurrency::parallel_for_each that was crashing the calling process due to integer overflow
released December 14, 2021
To prevent a potentially malicious exploit that allows code to be misrepresented, the Visual Studio editor will no longer allow bidirectional text control characters to manipulate the order of characters on the editing surface. A new option will cause these bidirectional text control characters to be shown with placeholders. The bidirectional text control characters will still be present in the code as this behavior only impacts what is rendered in the code editor.
This functionality is controlled in Tools\Options. Under the Text Editor\General page there is an option for “Show bidirectional text control characters”, which will be checked by default. When checked, all bidirectional text control characters will be rendered as placeholders. Unchecking the option will revert to the previous behavior where these characters are not rendered.
A Unicode character is considered a bidirectional text control character if it falls into any of the following ranges: U+061c, U+200e-U+200f, U+202a-U+202e, U+2066-U+2069.
- Corrected an issue in C++ compiler where a templated destructor involved in a class hierarchy with data member initializers may be instantiated too early, potentially leading to incorrect diagnostics about uses of undefined types or other errors.
- Fixed an issue in ATL's CString comparisions under C++20 and C++Latest language modes.
- Added Python 3.9.7 to Python workload. Removed Python 3.7.8 due to a security vulnerability.
- Referenced DacPac file causes deployment to process refactorlog even if IncludeCompositeObjects is false
- CString with spaceship operator <=> returns incorrect result (affects std::map, std::set, etc.)
- Visual Studio sqldb project unable to create primary key with (statistics_incremental = on) on table
- Template inheritance sometimes forces improper instantiation.
- Visual Studio 2019 freezes when comparing aspx/aspx.vb files
- Microsoft.Azure.Compute.Emulator.EXE will not be updated
CVE-2021-43877 .NET Vulnerability An elevation of privilege vulnerability exists in ANCM which could allow elevation of privilege when .NET core, .NET 5 and .NET 6 applications are hosted within IIS.
CVE-2021-42574 Bidirectional Text Vulnerability Bidirectional text control characters can be used to cause code to be rendered in the editor differently from what is contained on disk.
released November 16, 2021
- Adds Xcode 13.1 support.
- The bootstrappers now respect the --useLatestInstaller parameter, which causes the latest installer to be integrated into layout. This latest installer, which ships with Visual Studio 2022, enables the scenario where enterprises want to transition their clients from one layout location to another. For more information, refer to the [Visual Studio Administrators Guide](* The bootstrappers now respect the --useLatestInstaller parameter, which causes the latest installer to be integrated into layout. This latest installer, which ships with Visual Studio 2022, enables the scenario where enterprises want to transition their clients from one layout location to another. For more information, refer to the Visual Studio Administrators Guide.).
- Fixed an issue wehre WAP projects would not appear in the startup projects tool bar combo box.
- Fixed issue with Windows Application Projects (WAP) where, in certain circumstances, final application bundle contains wrong binaries.
- Prevent opening "Team Explorer > Manage Connections" or "Git Changes" windows from causing TFVC solutions to be unloaded.
- Starting Version 16.8.0 up to 16.9.1 becomes unresponsive and restarts frequently
- IntelliSense error with std::source_location::current()
- Visual Studio 2019 version 16.10 - UWP - Xamarin: Runtime exception 'Could not load file or assembly' after updating to Visual Studio 16.10
- Visual Studio 2019 version 16.11.3 - Packaging UWP application fails
- 16.11.6: Package 'AndroidImage_x86_API125_Private,version=10.0.0.3' failed to install
released November 09, 2021
- Address occasional instance where VSInstr would not exit when instrumenting a binary with volatile metadata.
- Fix for "value of range" errors when using C++ IntelliSense.
- Under certain conditions with an international locale selected fsi would crash when run from Visual Studio. This release fixes the issue and fsi should now operate correctly.
- Fixes an issue that could cause Visual Studio to build, debug, or run tests against binaries that weren't brought up to date with your latest code changes.
- Fixes a thread pool leak during Cloud Services local debugging.
- Add support for Android 12 APIs.
- Fixes a potential deadlock when closing Performance Profiler or Diagnostic Tools on Windows Server machines.
- Fixes a delay in VS startup.
CVE-2021-42319 Elevation of Privilege Vulnerability An Elevation of Privilege vulnerability exists in the WMI Provider that is included in the Visual Studio installer.
CVE-2021-42277 Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector incorrectly handles file operations.
released October 12, 2021
A potential denial of service vulnerability exists in OpenSSL library, which is consumed by Git.
A potential denial of service vulnerability exists in OpenSSL library, which is consumed by Git.
A potential flag bypass exists in OpenSSL library, which is consumed by Git.
An Information Disclosure vulnerability exists in .NET where System.DirectoryServices.Protocols.LdapConnection sends credentials in plain text on Linux.
released October 05, 2021
- Windows 11 SDK support.
- Add AMD64 math functions to ARM64X CRT.
- Updates to the ARM64 and ARM64EC interfaces between the binary and the POGO instrumentation runtime.
- Fixed several problems with IntelliSense responsiveness and correctness affecting C++20 concepts, ranges, and abbreviated function templates.
- Fixed a false positive in local lifetime checks.
- Corrected an issue where arrays allocated with a constant of size > 32bits could allocate less memory than requested.
- Ensures that ATL string initialization occurs during static variable initialization, in the default AppDomain.
- Fixed a bug in C++ Concurrency::parallel_for_each that was crashing the calling process due to integer overflow.
- Fixed a bug in the STL's iterator debugging machinery that could cause crashes in multithreaded programs using STL containers.
- We have fixed a fatal internal compiler error caused by unnamed structs whose fields are referenced from SAL annotations.
- Fixes a rare crash when analyzing templated code that uses __uuidof.
- Fixed an issue that caused C++ static analysis results to sometimes not display correctly in the FixIt action.
- Fixed opening .uitest extension files in Coded UI project
- Fire component change events for non-component objects also in WinForms .NET designer
- Fix for crash on deleting ContextMenuStrip control in Windows Forms .NET designer.
- Guard against crashes when the Windows Forms designer reloads when dragging.
- Fix for intermittent VS crash while interacting with WinForms .NET designer during solution or project rebuild.
- Fixed a bug causing .NET 5 projects to be reported as out of date when they should have been up to date, causing slower builds.
- Automatically disable asset-indexing for large scale Unity projects.
- Adds Xcode 13.0 support.
- This release fixes an issue with deploying certain Windows Application Packaging projects where deployment is unnecessarily copying unmodified files.
- Comparing CComPtr with CComPtr results in an error
- Structured binding in lambda in lambda cause a invalid compile error
- Bad codegen with operator new
- WinARM64 Build Failures with MFC/ATL Link issues after migrating from VS 16.8.6 to VS 16.9.5
- The unity codelens provider still requires a huge amount of memory and could be OOMed in large scale Unity project in version 16.11.
- Error C3493 with /std:c++latest using structured binding in Lambda
released September 14, 2021
- Fixed missing "Remote Device" debug target for Xamarin iOS projects.
- Fixed a bug that caused a start menu shortcut link to disappear. The bug only happened when updating multiple instances of different product SKUs on the same machine.
- Visual Studio UI unresponsive when too much build log output during build (eg: diagnostic verbosity)
- Live Unit Testing Crashes on start up
- "Remote device" not listed in devices
- Designer crashes for 32-bit apps whenever you scroll wheel over it
A permission assignment vulnerability exists in Visual Studio after installing the Game development with C++ and selecting the Unreal Engine Installer workload. The system is vulnerable to LPE during the installation it creates a directory with write access to all users.
released August 25, 2021
- Fixed an issue where CMake cache generation would fail, which blocked IntelliSense, build, and debug.
- Fixed warning "Evaluating the function 'System.Diagnostics.TraceInternal.Listeners.get' timed out and needed to be aborted in an unsafe way" when starting debugging on some .NET and dotnet Core application.
- CMake cache generation "hangs" after upgrade from vs2019 16.11.0 to 16.11.1
- Could not find any resources appropriate for the specified culture or the neutral culture. Make sure "Microsoft.VisualStudio.Data.Providers.SqlServer
- Build Selection stopped working VS 16.11
released August 16, 2021
- Fixes an issue installing the Microsoft.VisualStudio.ScriptedHost.Registry package during Visual Studio installation, which would cause the entire installation to fail.
- Unblocked Adding a new SSH Connection through Tools Options
released August 10, 2021
Updated Help Menu
- Updated menu highlights Get Started material and helpful Tips/Tricks. It also provides access to Developer Community, Release Notes, the Visual Studio product Roadmap, and our Social Media pages.
- New My Subscription menu item allows developers to make the most out of their subscriptions through benefit awareness and additional information!
Git tooling
- Access additional actions from the overflow menu in the branch picker in Git Changes window and status bar.
- Hover over a branch name to see last commit details in a tooltip.
- Access additional actions in the repository picker overflow menu from the status bar.
- Hover over a repository name to see repository details such as local path and remote URL.
C++
- LLVM tools shipped with Visual Studio have been upgraded to LLVM 12. See the LLVM release notes for details.
- Clang-cl support was updated to LLVM 12.
Setup
- Fixed an issue that affected command line execution of the update command. If the update fails the first time, a subsequent issuing of the update command now causes the update to resume the prior operation where it left off.
- .NET Hot Reload User Experience for editing managed code at runtime.
In this release we are excited to make available the first release of the new Hot Reload user experience when editing code files for applications such as WPF, Windows Forms, ASP.NET Core, Console, etc. With Hot Reload you can now modify your apps managed source code while the application is running with no need to pause execution or use a breakpoint. Instead, simply make a supported change and use the new “apply code changes” button in the toolbar to apply them immediately.
In this update of Visual Studio this new experience is available when running your application under the debugger (F5) and is powered by the Edit and Continue (EnC) mechanism. Therefore, anywhere that EnC is supported you can now also use Hot Reload alongside any other debugger features. .NET Hot Reload will also work alongside XAML Hot Reload, making it possible to make both UI and code-behind changes in your desktop applications such as WPF or WinUI.
Both EnC and Hot Reload also share the same limitations, so be aware that not every type of edit is currently supported. The complete list of what is or is not supported can be found in our documentation.
To learn more about Hot Reload and our long-term vision you can also read more details in our blog post.
- MSVC C++ 14.29.16.10 SxS Toolset updated to match VS 2019 v16.10.4. MSVC Toolset Version for this update is 14.29.30040.0/19.29.30040.0.
- Update Azure Branding
- Fix an issue where a failure during CMake test discovery could cause cache generation to fail.
- Fixed an issue causing TPv0 tests using CSV or SQLCE as data sources to fail to execute with an ArgumentException.
- Fixed the "ApplicationVerificationFailed" build error with Hot Restart
- Fixed a failure to conduct fast up-to-date check on WAP projects which was causing those projects to be built (instead of being skipped), even when project is up-to-date and does not need modifications, further causing increased incremental build times in IDE.
- Fixed the "Xamarin.iOS does not support running or debugging the previous built version of your project" error.
- Fixed the "Unable to connect to Mac Server with Address" error when trying to distribute iOS applications
- "Modules for Standard Library (experimental)" was missing, but has been restored.
- Fixed an EDG assertion failure on nested co_yield.
- Fixed an issue causing Microsoft Azure Tools for Visual Studio to trigger other .dlls to load in the About Box.
- Fixed an accessibility issue causing High Contrast Account Settings to not show.
- Fixed a formatting issue when using @
{if(true)}
. - Fixed an accessibility issue with screen readers failing to announce collapsed code headers.
- Fixed the Luminosity contrast ratio for Country boundary Foreground/background color to be greater or equals to 3:1 so that visually impaired users can identify these controls.
- Fixed an accessibility issue where Visible name and accessible name are not similar for "Server" edit field, "Site name" edit field and "Target Runtime" combo box.
- Fixed a bug causing the screen reader to announce the Connecting status message information under Add SQL Server blade.
- Filter was missing from the completion list in VB projects.
- Fixed an issue causing Visual Studio to occasionally stop responding when loading Microsoft.Maui-net6.sln.
- Fixed an error when building IOS project or XF project that showed the warning "Xamarin.iOS.Common.targets".
- Fixed branch picker menu grouping.
- Fixed an issue causing the repository below the selected repository to open instead of the desired repository.
- Fixed a bug causing warnings for template functions to follow an incorrect ruleset.
- Fixed a bug causing the Microsoft account dropdown to get truncated when resizing from 125% to 150% or 175% to 200%.
- Fixed an accessibility bug where the narrator does not announce the label name.
- Made it easier for users to access the "convert color to resource" button.
- Made it easier for low vision users to view the focus on the "Select previous gradient stop" and "Select Next gradient stop" buttons.
- Corrected issues with screen reader users not getting the proper information about buttons.
- GitHub specific error messages were not always showing when pushing commits.
- Fixed an issue causing warnings when trying to connect to SharePoint to provision workflow debugging prerequisites.
- Fixed an issue causing network operations to not work with the Fork and the remote Fork branches in the Git repo window.
- Fixed a Database Project issue where dragging a file from solution explorer into an opened one is deleting the file from the file system
- Fixed an issue causing an exception in .cshtml and .razor files.
- Fixed a slow display of files and icons in the Visual Studio IDE and Solution Explorer.
- Fixed an error with Git messaging that reported 'It is not allowed to run multiple bulk file operations at a time.'
- Improved ease of accessibility when accessing the controls for any path of the selected Profile.
- Corrected an 'Error List' warning when publishing a Cloud Service project with a 'Single Page Application' template.
- Fixes an issue where attempting to close the quick start window can cause Visual Studio to crash
- Fixed an inability to publish database projects with null values and an 'str' parameter name.
- Added support for SSDT MERGE statements.
- Fixed an issue with F# Interactive where NuGet package references were no longer working.
- Added ability to use Previous layout folders searching packages during layout operations.
- Added additional accessibility improvements for keyboard only users in debugging and menu selection.
- Fixed a localization error with Test Explorer.
- Fixed an error causing builds to fail in C# VSIX projects.
- Fixed an error where publishing failed in an ASP.NET Core App running on Docker (Windows/Linux) to Docker Container with error:"Current context "desktop-linux" is not found on the file system".
- Converted to using the new DartLab instance which gives us the latest fixes and simplifies the YAML.
- Fixed an issue when clicking "Go To Declaration" that resulted in the cursor jumping to an incorrect position.
- Fixed EnC regression.
- Fixed an error causing Visual Studio to stop responding when creating a Service Fabric application.
- Fixed an error where the Container Orchestrator Support context item disappears after adding docker support for an Azure Function project with .NET 5(Isolated) type selected.
- Fixed a situation where F5/Ctrl+F5 produced an error message, "Docker command failed with exit code1."
- Added Service Fabric and Add Orchestra Support dialog.
- Fixed a failure to restore NuGet deleted packages.
- Fixed an error causing mstest projects to remove LUT windows after renaming.
- Fixed formating when providing no container name in a code search.
- Fixed missing warning messages in CppCoreCheck.
- Fixed a bug when adding a class in ASP.NET causing a yellow bar with the error message: 'CSharpSyncNamespaceCodeRefactoringProvider'.
- Improved performance around using PointerSafetyXtension in CppCoreCheck.
- Improved localization around VC++ features.
- Fixed a build error when the solutionPath variable evaluates to undefined.
- Fixed a rare scenario that could keep Visual Studio instances from closing if the Test Explorer is open in the solution.
- Fixed a visibility issue with high contrast black in virtual machines shifting focus.
- Fixed an issue where an error "No such image" occurs when removing multi-selected images that have been tagged.
- Improved the XAML typing experience on the LiveShare client.
- Fixed an issue when using the Navigate To with a speech recognition command causing the user to wait for the ToolTip to clear before seeing the result.
- Fixed an issue causing previously opened documents to not restore when a solution is reopened.
- Fixed a UWP crash when using the new Sample Data feature.
- Fixed a bug where there were no project properties provider for "Persistence = AssemblyReference".
- Decreased processor consumption of setup.exe.
- Fixed an issue preventing HRESULT resources from being customized for XBOX.
- Fixed an unhandled exception after clicking "Debug Tests".
- Fixed a build error message "NETSDK1 031" when using a Windows Application Packaging Project.
- Fixed a crash after ending some LiveShare Sessions.
- Fixed a bug causing a failure of the "X" button on a page of the First Launch Wizard.
- Fixed an "Operation not supported" error message in LiveShare.
- Fixes a bug in Cloud Service (extended support) publish with different settings value in different service configurations.
- Fixed an issue with C++20 Modules IntelliSense where some language constructs would cause the compiler to crash.
- Fixed an issue that will cause a small amount of additional memory to leak.
- Fixed an API breaking change on AudioUnitPropertyIDType.
- Developers using UWP unit test framework who wish to run their tests on remote devices or emulators were unable to run the tests on remote devices.
- Code analysis/PREfast performance regression from 16.6.4 to 16.9.4
- Codeanalysis warning C6285 in STL functional.h in VS 16.10 preview 4. Worked in 16.10 preview 2
- EnforceProcessCountAcrossBuilds emits code analysis warnings on system headers
- Compile errors for external headers
- Incorrect lock warnings by analyzer C26110
- CMakePresets based generation on Linux Remote fails with "Error: Object reference not set to an instance of an object."
- Unable to copy text from git repository view
- Broken intellisense with template specialization
- ICE: ARM64 optimizing for /std:c++latest
- Error adding Apple Developer Account: A Parameter 'certificateType' has an invalid value: 'Unknown value:MAC_INSTALLER_DISTRIBUTION'
- Functional(813) has warning C6285
- ICE on C++20 modules + boost::asio
- 16.9.2 Freezing when working on SQL Server project
- Build Warning MSB4011 Since Last Xamarin and XCode Updates
- How enable the multthread to compile source in Visual studio 2019 16.9 with clangcl
- Incorrect formatting of switch statement with static_casts
- Visual Studio 2019 16.5.4 internal compiler error when using SSE
- Noexcept default constructor
- MSVC Compiler bug on _InterlockedCompareExchange64
- NativeReference cannot recognize MSBuild property value
- Incorrect Diagnostic: 26444 NO_UNNAMED_RAII_OBJECTS
- Incorrect C6240 LOGICALANDNONZERO
- Diagnostic Tools window loads up in miniature and will not resize properly
- Coroutine uses promise_type::unhandled_exception with exceptions disabled
- Bad(noexcept) exception handling information on AMD64
- ToolTip Blocking Search Results
- False postivie error C2176 in C++20 mode
- Operator new provides the wrong arguments to _aligned_malloc when packing is spectified
- Rejects valid parsing of lambda expression
- An error 'Unable to attach. Process 'SPUCWORKERPROCESS.exe' is not running' shows when deploying SharePoint2019 sandbox project
- Unexpected warning C4834 after updating to 16.10 Preview 2
- Syntactically invalid with a template code is silently ignored with /std:c++latest.
- BUG: Backspacing in branch filter removed characters from code
- StreamJsonRpcRemoteInvocationException: Error enumerating over Github credential store
- Cannot use arrow keys, cut, copy, or paste in Git branch "type here to filter the list" input box
- Error adding Apple Developer Account: A parameter 'certificateType' has an invald value: 'Unknown value: MAC_INSTALLER_DISTRIBUTION'
- Git Integration: Pressing backspace in Visual Studio 2019 branch filter is applied in editor window instead of in branch panel
- Unable to deploy to emulator or device using .NET MAUI
- Visual Studio 2019 Professional 16.10.0 - Tabs do not render correctly for SQL files.
- Cpp targets redirection fails when using DisableInstalledVCTargetsUse=true if MinimumVisualStudioVersion is 16.0
- Build Warning MSB4011 Since Last Xamarin and XCode Updates
- CMake Integration: Environments specified in
CMakeSettings.json
are not inherited when Visual Studio is used as the generator - There was an error activating the remote language server
- .pdb locked by ServiceHub.DataWarehouseHost.exe after running VS Profiler
- Visual Studio 2019 Preview can't launch new MAUI app for Android
- Blazor save & refresh build hangs Visual Studio
- Code Map shows method call not existing in the source code
See all open issues and available workarounds in Visual Studio 2019 by following the below link.
We would love to hear from you! For issues, let us know through the Report a Problem option in the upper right-hand corner of either the installer or the Visual Studio IDE itself. The icon is located in the upper right-hand corner. You can make a product suggestion or track your issues in the Visual Studio Developer Community, where you can ask questions, find answers, and propose new features. You can also get free installation help through our Live Chat support.
Take advantage of the insights and recommendations available in the Developer Tools Blogs site to keep you up-to-date on all new releases and include deep dive posts on a broad range of features.
For more information relating to past versions of Visual Studio 2019, see the Visual Studio 2019 Release Notes History page.