VS Code Config Helper

by githubv4.0.10

Last updated Jun 8, 2026

功能强大的 VS Code C++ 配置器

Install with winget

$ winget install --id Guyutongxue.Vscch --exact --version 4.0.10

Run in Command Prompt, PowerShell, or Windows Terminal. Prompts for any agreements.

Silent install command for VS Code Config Helper

VS Code Config Helper uses MSI (WiX). The silent install switches are /quiet /norestart.

One-line silent install (x64, machine scope)

msiexec.exe /i vscch_4.0.10_x64_zh-CN.msi /quiet /norestart

See the full silent install reference for VS Code Config Helper →

Built by Pckgr

For Intune admins

Stop chasing app updates. Pckgr patches them for you.

Automated application patching for Microsoft Intune. Pckgr keeps a curated library of 1,000+ apps continuously up-to-date in your tenant via Microsoft Graph - no manual repackaging, no chasing vendor sites.

Start free 30-day trial

No credit card required.

Installers · v4.0.10

Architecture	Type	Scope	Install	Download
x64	MSI WiX	machine		Direct

Copy a command tailored to that specific architecture, type, and scope - useful when winget would otherwise pick a different default.

Security

25 known CVEs via NVD

high7.1Patched in wingetCVE-2026-48569affects before 1.123.2Jun 9, 2026
Improper input validation in Visual Studio Code allows an unauthorized attacker to bypass a security feature locally.
Vendor advisory
high7.5Patched in wingetCVE-2026-40376affects before 1.123.2Jun 9, 2026
Improper input validation in Visual Studio Code allows an unauthorized attacker to elevate privileges over a network.
Vendor advisory
high8.8Patched in wingetCVE-2026-41613affects before 1.119.1May 12, 2026
Session fixation in Visual Studio Code allows an unauthorized attacker to elevate privileges over a network.
Vendor advisory
high7.8Patched in wingetCVE-2026-41611affects before 1.119.1May 12, 2026
Improper neutralization of script-related html tags in a web page (basic xss) in Visual Studio Code allows an unauthorized attacker to execute code locally.
Vendor advisory
medium6.3Patched in wingetCVE-2026-41610affects before 1.119.1May 12, 2026
Improper neutralization of input during web page generation ('cross-site scripting') in Visual Studio Code allows an unauthorized attacker to bypass a security feature locally.
Vendor advisory
high8.8Patched in wingetCVE-2026-41109affects before 1.119.1May 12, 2026
Improper neutralization of special elements in output used by a downstream component ('injection') in GitHub Copilot and Visual Studio allows an unauthorized attacker to bypass a security feature over a network.
Vendor advisory
high8.0Patched in wingetCVE-2026-21523affects before 1.109.2Feb 10, 2026
Time-of-check time-of-use (toctou) race condition in GitHub Copilot and Visual Studio allows an authorized attacker to execute code over a network.
Vendor advisory
high8.8Patched in wingetCVE-2026-21518affects before 1.109.2Feb 10, 2026
Improper neutralization of special elements used in a command ('command injection') in GitHub Copilot and Visual Studio Code allows an unauthorized attacker to bypass a security feature over a network.
Vendor advisory

Showing 8 of 25. Source: NVD, updated just now. Patch status is best-effort: NVD's fix version is compared against the latest version in winget, but the two version formats don't always align. Confirm with the vendor advisory before treating any specific build as safe.

See a CVE that affects your fleet? Push the patched version to Intune in one click with Pckgr - automated patching is the only way to keep up.

Related apps

AstrBot Launchergithub
AstrBot.AstrBotLauncherv0.3.7
AstrBot GUI manager
Open CoreUI Desktopgithub
xxnuo.OpenCoreUI.Desktopv0.9.6
Open CoreUI - A rewritten Open WebUI in Rust, significantly reducing memory and resource usage, requiring no dependency services, no Docker, with both a server version and a Tauri-based desktop client. (formerly Open WebUI Lite)
migu-music-dlgithub
swim2sun.migu-music-dlv0.1.2
Download Migu Lossless Music

Frequently asked questions

How do I install VS Code Config Helper on Windows?

Open Windows Terminal, PowerShell, or Command Prompt and run: winget install --id Guyutongxue.Vscch --exact --version 4.0.10. winget downloads the installer from github and runs it. Requires Windows 10 (1809+) or Windows 11.

How do I install VS Code Config Helper silently for unattended deployment?

Add --silent and accept the agreements upfront: winget install --id Guyutongxue.Vscch --exact 4.0.10 --silent --accept-package-agreements --accept-source-agreements. This is the variant Intune, Configuration Manager, and other deployment tools should use.

What are the silent install switches for VS Code Config Helper?

VS Code Config Helper uses MSI (WiX). Run the downloaded installer with: msiexec.exe /i vscch_4.0.10_x64_zh-CN.msi /quiet /norestart. The silent switches are /quiet /norestart.

How do I uninstall VS Code Config Helper via winget?

Run: winget uninstall --id Guyutongxue.Vscch --exact. Add --silent for unattended uninstalls. winget will use the registered uninstaller from VS Code Config Helper's Apps & Features entry.

Is VS Code Config Helper free?

VS Code Config Helper is distributed under GPL-3.0. Refer to the publisher (https://vscch.guyutongxue.site/) for the full license terms - Wingetly itself does not charge for installation.

Does VS Code Config Helper work on Windows 10?

Yes, as long as your Windows 10 build supports winget (1809 or newer). winget ships with App Installer on Windows 10/11 and pulls VS Code Config Helper directly from the publisher.

How do I keep VS Code Config Helper up to date?

Run winget upgrade --id Guyutongxue.Vscch --exact, or winget upgrade --all to update everything winget tracks. We index 3 versions of VS Code Config Helper from microsoft/winget-pkgs.

Recent versions

4.0.10latest
4.0.9
4.0.8