BREAKING
Microsoft Fixes AutoGen 'AutoJack' Flaw
How AutoJack Achieved RCE
1
Agent visits bad page
↓
2
JS opens MCP WebSocket
↓
3
Run arbitrary commands
A Chain of Three Weaknesses
Origin & Auth
CWE-1385/306
●
Localhost check bypassed via agent
●
MCP route skipped authentication
Command Injection
CWE-78
●
URL parameter executed as-is
●
Launched calc.exe or shell
0
+
GitHub stars
0
Stable builds hit
Localhost Trust Boundary Collapses
AI NEWS BLITZ
AI NEWS BLITZ
Microsoft has patched a remote code execution flaw in AutoGen Studio known as AutoJack.