Ruby 3.4 with MSYS2

by RubyInstaller Teamv3.4.9-1

Last updated Jun 8, 2026

A Ruby language execution environment with a MSYS2 installation.

Install with winget

$ winget install --id RubyInstallerTeam.RubyWithDevKit.3.4 --exact --version 3.4.9-1

Run in Command Prompt, PowerShell, or Windows Terminal. Prompts for any agreements.

Silent install command for Ruby 3.4 with MSYS2

Ruby 3.4 with MSYS2 uses EXE (Inno Setup). The silent install switches are /VERYSILENT /SUPPRESSMSGBOXES /NORESTART.

One-line silent install (x64, user scope)

rubyinstaller-devkit-3.4.9-1-x64.exe /VERYSILENT /SUPPRESSMSGBOXES /NORESTART /CURRENTUSER

See the full silent install reference for Ruby 3.4 with MSYS2 →

Built by Pckgr

For Intune admins

Stop chasing app updates. Pckgr patches them for you.

Automated application patching for Microsoft Intune. Pckgr keeps a curated library of 1,000+ apps continuously up-to-date in your tenant via Microsoft Graph - no manual repackaging, no chasing vendor sites.

Start free 30-day trial

No credit card required.

About

The RubyInstaller project provides a self-contained Windows-based installer that includes a Ruby-language execution environment and a baseline set of required RubyGems and extensions, integrated with a MSYS2 installation.

Installers · v3.4.9-1

Architecture	Type	Scope	Download
x86	EXE Inno Setup	user	Direct
x86	EXE Inno Setup	machine	Direct
x64	EXE Inno Setup	user	Direct
x64	EXE Inno Setup	machine	Direct
arm64	EXE Inno Setup	user	Direct
arm64	EXE Inno Setup	machine	Direct

Copy a command tailored to that specific architecture, type, and scope - useful when winget would otherwise pick a different default.

Security

14 known CVEs via NVD

high8.1Patched in wingetCVE-2026-46727affects before 4.0.5May 22, 2026
An issue was discovered in Ruby 4 before 4.0.5. A race condition leading to a use-after-free in the pthread-based getaddrinfo timeout handler (rb_getaddrinfo in ext/socket/raddrinfo.c) allows a remote attacker who can delay DNS responses near the user-specified timeout to crash...
Vendor advisory
medium5.3Patched in wingetCVE-2023-28756affects <=2.7.7Mar 30, 2023
A ReDoS issue was discovered in the Time component through 0.2.1 in Ruby through 3.2.1. The Time parser mishandles invalid URLs that have specific characters. It causes an increase in execution time for parsing strings to Time objects. The fixed versions are 0.1.1 and 0.2.2.
Vendor advisory
high8.8Patched in wingetCVE-2021-33621affects before 2.7.7, 3.0.5, 3.1.3Nov 18, 2022
The cgi gem before 0.1.0.2, 0.2.x before 0.2.2, and 0.3.x before 0.3.5 for Ruby allows HTTP response splitting. This is relevant to applications that use untrusted user input either to generate an HTTP response or to create a CGI::Cookie object.
high7.5Patched in wingetCVE-2022-28739affects before 2.6.10, 2.7.6, 3.0.4, 3.1.2May 9, 2022
There is a buffer over-read in Ruby before 2.6.10, 2.7.x before 2.7.6, 3.x before 3.0.4, and 3.1.x before 3.1.2. It occurs in String-to-Float conversion, including Kernel#Float and String#to_f.
Vendor advisory
critical9.8Patched in wingetCVE-2022-28738affects before 3.0.4, 3.1.2May 9, 2022
A double free was found in the Regexp compiler in Ruby 3.x before 3.0.4 and 3.1.x before 3.1.2. If a victim attempts to create a Regexp from untrusted user input, an attacker may be able to write to unexpected memory locations.
Patch Vendor advisory
high7.5Patched in wingetCVE-2021-41819affects before 2.7.5, 3.0.3Dec 31, 2021
CGI::Cookie.parse in Ruby through 2.6.8 mishandles security prefixes in cookie names. This also affects the CGI gem through 0.3.0 for Ruby.
Vendor advisory
high7.5Patched in wingetCVE-2021-41817affects before 2.6.9, 2.7.5, 3.0.3Dec 31, 2021
Date.parse in the date gem through 3.2.0 for Ruby allows ReDoS (regular expression Denial of Service) via a long string. The fixed versions are 3.2.1, 3.1.2, 3.0.2, and 2.0.1.
Vendor advisory
high7.4Patched in wingetCVE-2021-32066affects >=2.6.0 and <=2.6.7Aug 1, 2021
An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, and 3.x through 3.0.1. Net::IMAP does not raise an exception when StartTLS fails with an an unknown response, which might allow man-in-the-middle attackers to bypass the TLS protections by leveraging a network p...
Patch Vendor advisory

Showing 8 of 14. Source: NVD, updated 1h ago. Patch status is best-effort: NVD's fix version is compared against the latest version in winget, but the two version formats don't always align. Confirm with the vendor advisory before treating any specific build as safe.

See a CVE that affects your fleet? Push the patched version to Intune in one click with Pckgr - automated patching is the only way to keep up.

Related apps

Ruby 3.3 with MSYS2RubyInstaller Team
RubyInstallerTeam.RubyWithDevKit.3.3v3.3.11-1
A Ruby language execution environment with a MSYS2 installation.
Ruby 4.0 with MSYS2RubyInstaller Team
RubyInstallerTeam.RubyWithDevKit.4.0v4.0.5-1
A Ruby language execution environment with a MSYS2 installation.
Ruby 2.6 with MSYS2RubyInstaller Team
RubyInstallerTeam.RubyWithDevKit.2.6v2.6.10-1
MSYS2 based RubyInstaller for Windows
Ruby 3.4RubyInstaller Team
RubyInstallerTeam.Ruby.3.4v3.4.9-1
The Ruby language execution environment
Ruby 2.7RubyInstaller Team
RubyInstallerTeam.Ruby.2.7v2.7.6-1
Ruby Programming Language for Windows
Ruby 3.2 with MSYS2RubyInstaller Team
RubyInstallerTeam.RubyWithDevKit.3.2v3.2.11-1
A Ruby language execution environment with a MSYS2 installation.

More from RubyInstaller Team or browse language, programming, programming-language.

Frequently asked questions

How do I install Ruby 3.4 with MSYS2 on Windows?

Open Windows Terminal, PowerShell, or Command Prompt and run: winget install --id RubyInstallerTeam.RubyWithDevKit.3.4 --exact --version 3.4.9-1. winget downloads the installer from RubyInstaller Team and runs it. Requires Windows 10 (1809+) or Windows 11.

How do I install Ruby 3.4 with MSYS2 silently for unattended deployment?

Add --silent and accept the agreements upfront: winget install --id RubyInstallerTeam.RubyWithDevKit.3.4 --exact 3.4.9-1 --silent --accept-package-agreements --accept-source-agreements. This is the variant Intune, Configuration Manager, and other deployment tools should use.

What are the silent install switches for Ruby 3.4 with MSYS2?

Ruby 3.4 with MSYS2 uses EXE (Inno Setup). Run the downloaded installer with: rubyinstaller-devkit-3.4.9-1-x64.exe /VERYSILENT /SUPPRESSMSGBOXES /NORESTART /CURRENTUSER. The silent switches are /VERYSILENT /SUPPRESSMSGBOXES /NORESTART.

How do I uninstall Ruby 3.4 with MSYS2 via winget?

Run: winget uninstall --id RubyInstallerTeam.RubyWithDevKit.3.4 --exact. Add --silent for unattended uninstalls. winget will use the registered uninstaller from Ruby 3.4 with MSYS2's Apps & Features entry.

Is Ruby 3.4 with MSYS2 free?

Ruby 3.4 with MSYS2 is distributed under BSD-3-Clause. Refer to the publisher (https://rubyinstaller.org/downloads/) for the full license terms - Wingetly itself does not charge for installation.

Does Ruby 3.4 with MSYS2 work on Windows 10?

Yes, as long as your Windows 10 build supports winget (1809 or newer). winget ships with App Installer on Windows 10/11 and pulls Ruby 3.4 with MSYS2 directly from the publisher.

How do I keep Ruby 3.4 with MSYS2 up to date?

Run winget upgrade --id RubyInstallerTeam.RubyWithDevKit.3.4 --exact, or winget upgrade --all to update everything winget tracks. We index 7 versions of Ruby 3.4 with MSYS2 from microsoft/winget-pkgs.

Recent versions

3.4.9-1latest
3.4.8-1
3.4.7-1
3.4.6-1
3.4.5-1
3.4.4-2
3.4.2-1