Microsoft fixes AutoGen Studio flaw that enabled code execution
AI disclosure
Summary
A vulnerability chain dubbed AutoJack in Microsoft's AutoGen Studio interface for prototyping AI agents could let attackers manipulate an agent into executing arbitrary commands on its host system simply by visiting a malicious webpage. [...]