Note
Access to this page requires authorization. You can try signing in or .
Access to this page requires authorization. You can try .
👁 Visual Studio logo
Visual Studio 2022 version 17.12 release notes
Note
The latest version of Visual Studio 2022 is 17.14. See the release notes for additional information.
We're excited to announce the availability of Visual Studio 2022 v17.12. This update focuses on providing fantastic developer experiences for working with .NET 9 projects and new AI productivity features, along with continuous improvements all-around.
Features
Feature list for 17.12 which was released on November 12, 2024.
Productivity
GitHub Copilot
.NET
Debugging & diagnostics
Git tooling
IDE
Cloud
Desktop
Web
Data
C++
Top user-reported bug fixes
- C# Editor cannot find controls defined in xaml file
- GIT command (sync, pull, push) and branch list missing from status bar
- VSSDK/CPS/Extensibility: Image Loading in VS Extensions via .imagemanifest is Broken in VS2022
- Backspace etc sometimes stop working
- Resource explorer cannot open resx files
- Reset all settings always results in an error
- VS2022 17.10.0 Preview 7: Internal compiler error
- Javascript Files Lose Color Coding after 10000 lines of code
- Using std::format in a module requires including format header in .cpp files using that module
- C++ Syntax Error after upgrading to Visual Studio 17.11.0
- Unable to Move a Block of Code Up and Down After VS Update
- CMake cache generation on a remote Linux host fails on a ctest query
- Error in Azure DevOps pipelines with VSTest@2
- Cannot add Apple account (VS 2022, Enterprise account)
📣 See the full list of all the user-reported [bug fixes][bugfixes] that made it into this release.
Known Issues
- "Failed exporting the certificate" error occurs when attempting to debug an ASP.NET Core web project with HTTPS enabled and using the WSL debug profile. This occurs due to Breaking change: dev cert export no longer creates folder.
This can be worked around by creating the
%appdata%\ASP.NET\Httpsfolder prior to debugging.
Version 17.12.21
Released June 9th, 2026
| Security advisories addressed | CVE | Description |
|---|---|---|
| SQLite Memory Corruption Vulnerability | CVE-2025-6965 | There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the number of columns available. This could lead to a memory corruption issue. |
| .NET SDK Elevation of Privilege Vulnerability | CVE-2026-45490 | dotnet.exe workload elevate - Arbitrary file creation/truncation via LogFile named pipe allows an unauthorized attacker to elevate privileges locally. |
| .NET Core Tampering Vulnerability | CVE-2026-45491 | Symlink path traversal in System.Formats.Tar enables arbitrary file write when extracting tar entries. |
| ASP.NET Core Denial of Service Vulnerability | CVE-2026-45591 | Stack overflow DoS via deeply-nested MessagePack arrays in SignalR and Blazor Server. |
Version 17.12.20
Released May 12th, 2026
| Security advisories addressed | CVE | Description |
|---|---|---|
| SQLite Memory Corruption Vulnerability | CVE-2025-6965 | There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the number of columns available. This could lead to a memory corruption issue. |
| .NET Core Tampering Vulnerability | CVE-2026-32175 | A tampering vulnerability exists when .NET Core improperly handles specially crafted files. |
| .NET Elevation of Privilege Vulnerability | CVE-2026-32177 | Heap-based buffer overflow in .NET allows an unauthorized attacker to elevate privileges locally. |
| .NET Elevation of Privilege Vulnerability | CVE-2026-35433 | Improper input validation in .NET allows an unauthorized attacker to elevate privileges locally. |
| ASP.NET Core Denial of Service Vulnerability | CVE-2026-42899 | Loop with unreachable exit condition ('infinite loop') in ASP.NET Core allows an unauthorized attacker to deny service over a network. |
Version 17.12.19
Released April 14th, 2026
| Top bug fixes | From the community |
|---|---|
| Update Node.js version for VS2022 | Feedback ticket |
| Security advisories addressed | CVE | Description |
|---|---|---|
| .NET Denial of Service Vulnerability | CVE-2026-26171 | A vulnerability exists in EncryptedXml class where uncontrolled resource consumption can give an attacker to the ability to perform a Denial of Service attack. |
| .NET Spoofing Vulnerability | CVE-2026-32178 | Improper neutralization of special elements in .NET allows an unauthorized attacker to perform spoofing over a network. |
| SQLite Memory Corruption Vulnerability | CVE-2025-6965 | There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the number of columns available. This could lead to a memory corruption issue. |
| Node.js TLS DoS Vulnerability | CVE-2026-21637 | A flaw in Node.js TLS error handling allows remote attackers to crash or exhaust resources of a TLS server when pskCallback or ALPNCallback are in use. |
| Visual Studio Information Disclosure Vulnerability | CVE-2026-32631 | An information disclosure vulnerability exists in MinGit due to NTLM hash leak to untrusted server. |
Version 17.12.18
Released March 10th, 2026
| Security advisories addressed | CVE | Descritpion |
|---|---|---|
| .NET Denial of Service Vulnerability | CVE-2026-26130 | A denial of service vulnerability exists in ASP.NET Core due to uncontrolled resource consumption. |
| .NET Elevation of Privilege Vulnerability | CVE-2026-26131 | An elevation of privilege vulnerability exists in .NET due to improper authorization. |
| Visual Studio Information Disclosure Vulnerability | CVE-2025-66413 | An information disclosure vulnerability exists in MinGit due to NTLM hash leak to untrusted server. |
Version 17.12.17
Released February 10th, 2026
| Security advisories addressed | CVE | Descritpion |
|---|---|---|
| .NET Security Feature Bypass Vulnerability | CVE-2026-21218 | This security update addresses a vulnerability where improper handling of missing special element in .NET and Visual Studio allows an authorized attacker to perform spoofing over a network. |
Version 17.12.16
Released January 13th, 2026
| Top bug fixes | From the community |
|---|---|
| GitHub Copilot: auth failure while using Auto model | Feedback ticket |
Version 17.12.15
Released December 9th, 2025
| Top bug fixes | From the community |
|---|---|
| Unable to launch Visual Studio 2022 LTSC 17.12 | Feedback ticket |
| Marked the Windows 10 SDK (version 10.0.19041.0) component as out of support in the Visual Studio installer. |
Version 17.12.14
Released November 11th, 2025
| Top bug fixes | From the community |
|---|---|
| New Visual Studio 2022 Updates Include LibCurl Library that Breaks Git | Feedback ticket |
Version 17.12.13
Released October 14th, 2025
| Top bug fixes | From the community |
|---|---|
| Nuget Package Manager for Project -> Connect To Feed Spam | Feedback ticket |
| Updated MinGit to v2.50.1 to address an issue where users with repositories located on ReFS volumes and Windows Server 2022 couldn't perform Git operations with VS IDE. | Feedback ticket |
| Security advisories addressed | CVE | Descritpion |
|---|---|---|
| Visual Studio Remote Code Execution Vulnerability | CVE-2025-55240 | This security update addresses an Untrusted Search Path Remote Code Execution Vulnerability in Gulpfile |
| .NET Security Feature Bypass Vulnerability | CVE-2025-55315 | This security update addresses an HTTP Request Smuggling vulnerability due to incorrect parsing of chunk extension |
| .NET Information Disclosure Vulnerability | CVE-2025-55248 | This security update addresses a vulnerability where SmtpClient may connect without TLS even if UseSsl is true |
Version 17.12.12
Released September 9th, 2025
| Top bug fixes | From the community |
|---|---|
| .NET runtime is updated to 8.0.20 and 9.0.9, and .NET SDK to 9.0.110 |
Version 17.12.11
Released August 12th, 2025
| Top bug fixes | From the community |
|---|---|
| The following Windows SDK versions have been removed from the Visual Studio 2022 installer: 10.0.18362.0, 10.0.20348.0 and 10.0.22000.0. If you previously installed one of these versions of the SDK using Visual Studio it will be uninstalled when you update. If your project targets any of these SDKs you may encounter a build error such as: The Windows SDK version 10.0.22000.0 was not found. Install the required version of Windows SDK or change the SDK version in the project property pages or by right-clicking the solution and selecting "Retarget solution". To resolve this, we recommend retargeting your project to 10.0.26100.0, or an earlier supported version if necessary. For a complete list of supported SDK versions please visit: https://developer.microsoft.com/windows/downloads/sdk-archive/. If you need to install an unsupported version of the SDK, you can find it here: https://developer.microsoft.com/windows/downloads/sdk-archive/index-legacy/. |
Version 17.12.10
Released July 8th, 2025
| Security advisories addressed | CVE | Descritpion |
|---|---|---|
| Visual Studio - Elevation Of Privilege | CVE-2025-49739 | Time-of-check to time-of-use in Standard Collector Service allows Local privilege escalation |
| Gitk Arguments Vulnerability | CVE-2025-27613 | Gitk Arguments Vulnerability |
| Gitk Abitryary Code Execution Vulnerability | CVE-2025-27614 | Gitk Abitryary Code Execution Vulnerability |
| Git Malicious Shell Vulnerability | CVE-2025-46334 | Git Malicious Shell Vulnerability |
| Git File Overwrite Vulnerability | CVE-2025-46835 | Git File Overwrite Vulnerability |
| Git Symlink Vulnerability | CVE-2025-48384 | Git Symlink Vulnerability |
| Git Protocol Injection Vulnerability | CVE-2025-48385 | Git Protocol Injection Vulnerability |
| Git Credential Helper Vulnerability | CVE-2025-48386 | Git Credential Helper Vulnerability |
Version 17.12.9
Released June 10th, 2025
| Top bug fixes | From the community |
|---|---|
| Sanitizer Coverage Produces Bad Codegen | Feedback ticket |
| Bad codegen when saving data to a std::array | Feedback ticket |
| ASAN atol_static interception failure | Feedback ticket |
| Updated the VS installer to include the latest servicing releases for Windows SDK versions 10.0.19041.0 and 10.0.22621.0. |
| Security advisories addressed | CVE | Descritpion |
|---|---|---|
| Visual Studio Remote Code Execution Vulnerability | CVE-2025-47959 | Improper neutralization of special elements used in a command ('command injection') in Visual Studio allows an authorized attacker to execute code over a network. |
| .NET and Visual Studio Remote Code Execution Vulnerability | CVE-2025-30399 | Untrusted search path in .NET and Visual Studio allows an unauthorized attacker to execute code over a network. |
Version 17.12.8
Released May 13th, 2025
| Top bug fixes | From the community |
|---|---|
| A recent update to Visual Studio causes an app that worked well when built with previous VS versions to crash. | Feedback ticket |
| Fixed an issue in the modern query work item TFVC checkin-policy that prevented the project name from being retrieved. Additionally, fixed an issue in the forbidden patterns TFVC check-in policy that caused the patterns to be "forgotten" by the policy after it was created. | Feedback ticket |
| Address sanitizer in Release may introduce bugs | Feedback ticket |
| Incorrect code gen with /arch:SSE4.2 (generates incorrect insertps immediate) | Feedback ticket |
| Fixed the binding redirect for the System.Reflection.MetadataLoadContext assembly, allowing VS code and extensions to reference older versions of that assembly and still run properly in the devenv.exe process. | |
Fixed intermittent failures in the C++ language toolset that manifest as D8000: UNKNOWN COMMAND LINE errors |
Feedback ticket |
| Fixed an issue to prevent re-ordering of AVX instruction onto SSE2-only execution path. | Feedback ticket |
| Fixed context not supported error in Containers window. |
| Security advisories addressed | CVE |
|---|---|
| Access to ETW tracing not known by Admin installing VS on the machine | CVE-2025-32703 |
| Remote Code Execution due to nuget package squatting | CVE-2025-32702 |
| .NET - Spoofing - Elevation of Privilege in msbuild's DownloadFile tasks default behaviors | CVE-2025-26646 |
Version 17.12.7
Released April 8th, 2025
| Top bug fixes | From the community |
|---|---|
| Added support for modern TFVC Check-in Policies, as well as guidance and warnings when obsolete TFVC Check-in Policies are being applied. | |
| VisualCppTools / ppltasks.h race condition bug in when_any | Feedback ticket |
| Fixed arm64EC link failure unresolved external #_guard_dispatch_icall_$fo$ | Feedback ticket |
| Security advisories addressed | CVE |
|---|---|
| Visual Studio node.js Untrusted Search Path Remote Code Execution Vulnerability | CVE-2025-29802 |
| Visual Studio Android JDK Untrusted Search Path Remote Code Execution Vulnerability | CVE-2025-29804 |
| ASP.NET Core 8 Denial of Service with HTTP/3 | CVE-2025-26682 |
Version 17.12.6
Released March 11th, 2025
| Top bug fixes | From the community |
|---|---|
| Fixed an incorrect initialization issue for certain structs with zero-sized members. | |
The Address Sanitizer (ASan) now links to OneCoreUAP_apiset.lib, an umbrella library, rather than directly to Win32 libraries. This is to make ASan more portable over multiple OS versions and devices. If your code transitively depends on Win32 modules brought by ASan (not recommended), this may be a breaking change. In such cases, we recommend linking your program directly to the necessary Win32 dependency libraries. |
Feedback ticket |
| Fixed an issue in C# inline rename where the entire identifier was selected when rename suggestions were available. This would override the developer's selection and could lead to mistyping, especially if the developer moved the caret within the inline rename interface. Now, Copilot rename suggestions will not alter the selection within the inline rename interface. | Feedback ticket |
| Fixed an issue where instrumented DLLs unloaded during the fuzzer's input test execution will cause a false positive ASan error report and crash. | Feedback ticket |
| x86 ICE again after updating PGO optimization data | Feedback ticket |
| Fixed an issue where customers with Intel graphics hardware could experience laggy scrolling in the editor after triggering an image preview on hover. | Feedback ticket |
| VS2022 Professional - Unable to sign-in to m account | Feedback ticket |
| Removed the command line arguments dropdown to mitigate a UI hang in the Unreal Engine experience. | |
| Blazor projects breaks Intellisense 17.12.2 | Feedback ticket |
| Security advisories addressed | CVE |
|---|---|
| Visual Studio Elevation of Privilege Vulnerability | CVE-2025-25003 |
| .NET Elevation of Privilege Vulnerability | CVE-2025-24070 |
| Visual Studio Installer Elevation of Privilege Vulnerability | CVE-2025-24998 |
Version 17.12.5
Released February 11th, 2025
| Top bug fixes | From the community |
|---|---|
| Addressed an issue where sometimes the CPU Usage tool would fail to show results even though it previously captured data. | |
| MSVC Code Analysis can now detect use of dangling pointers that points to resources in temporary objects that are destroyed when used in the initializer list of an array. | Feedback ticket |
| Error with String::Format in C++ CLR Class Library (.NET) project | Feedback ticket |
| Regression in 17.12.0: Substitution Failure Is An Error C3699 when compiling with /CLR | Feedback ticket |
| Updated the Windows 11 SDK (10.0.26100.0) installed by Visual Studio to the January 2025 servicing build. | |
| Fixed a bug in the optimizer that lead to incorrect codegen and was seen affecting the std::sort function when called from a coroutine. |
| Security advisories addressed | CVE |
|---|---|
| Visual Studio Installer Elevation of Privilege - Uncontrolled Search Path Element allows an unauthorized attacker to elevate privileges locally. | CVE-2025-21206 |
Version 17.12.4
Released January 14th, 2025
| Top bug fixes | From the community |
|---|---|
| Addressed an incompatibility between Live++ (a 3rd party C++ Hot Reload tool) and Visual Studio 2022. | Feedback ticket |
| Addressed a hang in All-In-One Search (Ctrl+T, Ctrl+Q). | Feedback ticket |
| Visual Studio Debugger can't display values in 'Locals' window. | Feedback ticket |
| Fixed a bug causing VS to immediately crash and close when opening the NuGet Package Manager if the right-side details pane was sized to be very small. | Feedback ticket |
| Fixed an issue where hovering over a docker file could hang VS. | |
| Fixed an issue with incorrect initialization for certain structs with zero-sized members. | |
| Fixed an issue for x86 targets where frame registers used during coroutines may not be reloaded correctly. | Feedback ticket |
| VS now includes MAUI 8.0.100 (SR10); MAUI 9.0.14 (SR1.4) | |
| Fixed syntax color flicker while scrolling via https://github.com/dotnet/roslyn/pull/75796|| |
| Security advisories addressed | CVE |
|---|---|
| .NET and Visual Studio Remote Code Execution Vulnerability | CVE-2025-21172 |
| .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability | CVE-2025-21176 |
| Visual Studio Remote Code Execution Vulnerability | CVE-2025-21178 |
| Carriage-return character in remote URL allows malicious repository to leak credentials | CVE-2024-50338 |
| .NET Remote Code Execution Vulnerability | CVE-2025-21171 |
| (Linux only) .NET Elevation of Privilege Vulnerability | CVE-2025-21173 |
| Visual Studio Elevation of Privilege Vulnerability | CVE-2025-21405 |
Version 17.12.3
Released December 3rd, 2024
| Top bug fixes | From the community |
|---|---|
| NuGet errors after upgrading from VS v17.11.6 to v17.12 with .NET 9. | Feedback ticket |
| Private Unity messages incorrectly marked as unused IDE0051. | Feedback ticket |
| Intellisense stopped working in Word C++ project. | Feedback ticket |
| Fixed an issue where characters might be duplicated when typing in a file containing an embedded language. | Feedback ticket |
| Fixed an issue in which resolving merge conflicts in .razor files and .cshtml files would result in an empty window. | Feedback ticket |
| Azure Devops Permalink from Visual Studio 2022 doesn't work. | Feedback ticket |
| Fixed an issue where Visual Studio would crash if the environment variable DOTNET_SYSTEM_GLOBALIZATION_INVARIANT was set to 1. | Feedback ticket |
| Fixed performance profiler start up error for C++ projects. | Feedback ticket |
Version 17.12.2
Released Novemeber 26th, 2024
| Top bug fixes | From the community |
|---|---|
| C++ IntelliSense no longer displays errors for projects that had working IntelliSense in Visual Studio 17.11. | Feedback ticket |
| The Copilot indexer process no longer locks files. | Feedback ticket |
| Fixed a compiler crash in C++/CLI code that targets .NET Core and uses param-arrays. | Feedback ticket |
| .NET for iOS/tvOS/macOS/macCatalyst release notes | |
| After Windows update KB5041580, Visual Studio crashes silently upon opening a merge editor window. | Feedback ticket |
| [LKG18] Some shrink-wrapped functions have incomplete unwind information in their secondary fragments. | Feedback ticket |
| Internal Compiler Error C1001 for arm64 build. | Feedback ticket |
| SSDT crashing with Critical Error Encountered in VS17.12. | Feedback ticket |
Version 17.12.1
Released Novemeber 19th, 2024
| Top bug fixes | From the community |
|---|---|
| Fixed the syntax color flicker issue while scrolling via https://github.com/dotnet/roslyn/pull/75796 | |
| This release includes updates to maintain compliance with international language laws. |
From all of us on the team, thank you for choosing Visual Studio. If you have any questions, please reach us on Twitter or Developer Community.
Happy coding!
The Visual Studio team
Note
This update may include new Microsoft or third-party software that is licensed separately, as set out in the 3rd Party Notices or in its accompanying license.