BREAKING
Microsoft Fixes AutoGen 'AutoJack' Flaw
How AutoJack Achieved RCE
1Agent visits bad page
2JS opens MCP WebSocket
3Run arbitrary commands
A Chain of Three Weaknesses
Origin & AuthCWE-1385/306
Localhost check bypassed via agent
MCP route skipped authentication
Command InjectionCWE-78
URL parameter executed as-is
Launched calc.exe or shell
0+
GitHub stars
0
Stable builds hit
Localhost Trust Boundary Collapses
AI NEWS BLITZ
AI NEWS BLITZ
Microsoft has patched a remote code execution flaw in AutoGen Studio known as AutoJack.