Rustup: the Rust toolchain installer

by The Rust Programming Languagev1.29.0

Last updated Jun 8, 2026

The Rust toolchain installer

Install with winget

$ winget install --id Rustlang.Rustup --exact --version 1.29.0

Run in Command Prompt, PowerShell, or Windows Terminal. Prompts for any agreements.

Silent install command for Rustup: the Rust toolchain installer

Rustup: the Rust toolchain installer uses EXE. The silent install switches are -y -q.

One-line silent install (x64)

rustup-init.exe -y -q

See the full silent install reference for Rustup: the Rust toolchain installer →

Built by Pckgr

For Intune admins

Stop chasing app updates. Pckgr patches them for you.

Automated application patching for Microsoft Intune. Pckgr keeps a curated library of 1,000+ apps continuously up-to-date in your tenant via Microsoft Graph - no manual repackaging, no chasing vendor sites.

Start free 30-day trial

No credit card required.

About

Rustup installs The Rust Programming Language from the official release channels, enabling you to easily switch between stable, beta, and nightly compilers and keep them updated. It makes cross-compiling simpler with binary builds of the standard library for common platforms. And it runs on all platforms Rust supports, including Windows.

Installers · v1.29.0

Architecture	Type	Scope	Download
x86	EXE	-	Direct
x64	EXE	-	Direct
arm64	EXE	-	Direct

Copy a command tailored to that specific architecture, type, and scope - useful when winget would otherwise pick a different default.

Security

15 known CVEs via NVD

high8.1Fix in v1.81.0CVE-2024-43402affects before 1.81.0Sep 4, 2024
Rust is a programming language. The fix for CVE-2024-24576, where `std::process::Command` incorrectly escaped arguments when invoking batch files on Windows, was incomplete. Prior to Rust version 1.81.0, it was possible to bypass the fix when the batch file name had trailing whi...
Patch Vendor advisory
critical9.8Patched in wingetCVE-2024-3566affects v1.77.2Apr 10, 2024
A command inject vulnerability allows an attacker to perform command injection on Windows applications that indirectly depend on the CreateProcess function when the specific conditions are satisfied.
critical10.0Fix in v1.77.2CVE-2024-24576affects before 1.77.2Apr 9, 2024
Rust is a programming language. The Rust Security Response WG was notified that the Rust standard library prior to version 1.77.2 did not properly escape arguments when invoking batch files (with the `bat` and `cmd` extensions) on Windows using the `Command`. An attacker able to...
Vendor advisory
medium6.1Patched in wingetCVE-2023-40030affects before 1.72.0Aug 24, 2023
Cargo downloads a Rust project’s dependencies and compiles the project. Starting in Rust 1.60.0 and prior to 1.72, Cargo did not escape Cargo feature names when including them in the report generated by `cargo build --timings`. A malicious package included as a dependency may in...
Patch Vendor advisory
high7.3Fix availableCVE-2022-21658affects >=1.0.0 and <=1.58.0Jan 20, 2022
Rust is a multi-paradigm, general-purpose programming language designed for performance and safety, especially safe concurrency. The Rust Security Response WG was notified that the `std::fs::remove_dir_all` standard library function is vulnerable a race condition enabling symlin...
Patch Vendor advisory
critical9.1Fix in v1.53.0CVE-2021-29922affects before 1.53.0Aug 7, 2021
library/std/src/net/parser.rs in Rust before 1.53.0 does not properly consider extraneous zero characters at the beginning of an IP address string, which (in some situations) allows attackers to bypass access control that is based on IP addresses, because of unexpected octal int...
Patch Vendor advisory
critical9.8Patched in wingetCVE-2021-31162affects before 1.52.0Apr 13, 2021
In the standard library in Rust before 1.52.0, a double free can occur in the Vec::from_iter function if freeing the element panics.
Patch
high8.2Fix in v1.52.0CVE-2020-36323affects before 1.52.0Apr 13, 2021
In the standard library in Rust before 1.52.0, there is an optimization for joining strings that can cause uninitialized bytes to be exposed (or the program to crash) if the borrowed string changes after its length is checked.
Patch

Showing 8 of 15. Source: NVD, updated 6h ago. Patch status is best-effort: NVD's fix version is compared against the latest version in winget, but the two version formats don't always align. Confirm with the vendor advisory before treating any specific build as safe.

See a CVE that affects your fleet? Push the patched version to Intune in one click with Pckgr - automated patching is the only way to keep up.

Related apps

M
mdBookThe Rust Programming Language
Rustlang.mdBookv0.5.3
Create book from markdown files. Like Gitbook but implemented in Rust.
CC Switchfarion1231
farion1231.CC-Switchv3.16.2
A cross-platform desktop All-in-One assistant tool for Claude Code, Codex, OpenCode, openclaw & Gemini CLI.
KrokietRafał Mikrut
qarmin.krokietv11.0.1
Multi functional app to find duplicates, empty folders, similar images etc.
P
pixiprefix-dev
prefix-dev.pixiv0.70.2
A cross-platform, multi-language package manager and workflow tool
GoXLR UtilityThe GoXLR on Linux Team
GoXLR-on-Linux.GoXLR-Utilityv1.2.4
An unofficial GoXLR App replacement for Linux, Windows and MacOS
R
RipGrep MSVCBurntSushi
BurntSushi.ripgrep.MSVCv15.1.0
ripgrep recursively searches directories for a regex pattern while respecting your gitignore

More from The Rust Programming Language or browse rust, rustlang.

Frequently asked questions

How do I install Rustup: the Rust toolchain installer on Windows?

Open Windows Terminal, PowerShell, or Command Prompt and run: winget install --id Rustlang.Rustup --exact --version 1.29.0. winget downloads the installer from The Rust Programming Language and runs it. Requires Windows 10 (1809+) or Windows 11.

How do I install Rustup: the Rust toolchain installer silently for unattended deployment?

Add --silent and accept the agreements upfront: winget install --id Rustlang.Rustup --exact 1.29.0 --silent --accept-package-agreements --accept-source-agreements. This is the variant Intune, Configuration Manager, and other deployment tools should use.

What are the silent install switches for Rustup: the Rust toolchain installer?

Rustup: the Rust toolchain installer uses EXE. Run the downloaded installer with: rustup-init.exe -y -q. The silent switches are -y -q.

How do I uninstall Rustup: the Rust toolchain installer via winget?

Run: winget uninstall --id Rustlang.Rustup --exact. Add --silent for unattended uninstalls. winget will use the registered uninstaller from Rustup: the Rust toolchain installer's Apps & Features entry.

Is Rustup: the Rust toolchain installer free?

Rustup: the Rust toolchain installer is distributed under Apache-2.0 or MIT. Refer to the publisher (https://rust-lang.github.io/rustup/) for the full license terms - Wingetly itself does not charge for installation.

Does Rustup: the Rust toolchain installer work on Windows 10?

Yes, as long as your Windows 10 build supports winget (1809 or newer). winget ships with App Installer on Windows 10/11 and pulls Rustup: the Rust toolchain installer directly from the publisher.

How do I keep Rustup: the Rust toolchain installer up to date?

Run winget upgrade --id Rustlang.Rustup --exact, or winget upgrade --all to update everything winget tracks. We index 9 versions of Rustup: the Rust toolchain installer from microsoft/winget-pkgs.

Recent versions

1.29.0latest
1.28.2
1.28.1
1.28.0
1.27.1
1.27.0
1.26.0
1.25.2
1.25.1