Microsoft has reinstated the “Material Theme – Free” and “Material Theme Icons – Free” extensions on the Visual Studio Marketplace after determining that the obfuscated code they contained was not malicious.
The extensions, which have over 9 million installs, were originally removed in late February due to security concerns, and their publisher, Mattia Astorino (aka ‘equinusocio’), was banned without prior notice.
At the time, Microsoft stated that security researchers had flagged the extensions as potentially dangerous after an AI-powered scan detected code execution capabilities in the “release-notes.js” file. However, Astorino denied any malicious intent, explaining that the flagged code was an outdated dependency from sanity.io, which has been used since 2016 for release notes. He argued that Microsoft could have contacted him to fix the issue instead of banning him outright.
Following further investigation, Microsoft admitted to making an error. A Microsoft representative, Scott Hanselman, publicly apologized to Astorino, acknowledging that the company had acted too quickly. He confirmed that the publisher’s account and extensions were reinstated and that Microsoft will now revise its policies on obfuscated code to prevent similar incidents.
Despite the reinstatement, cybersecurity researchers maintain that while the flagged code had potentially risky elements, the developer did not intend to harm anyone. Astorino has since rewritten the Material Theme extensions, ensuring they are safe to use on the VSCode Marketplace.
If this article helped you, please consider supporting our work. Every small contribution keeps Abijita.com independent and running.
