Microsoft Warns: AI Agents "AutoJack"-ed via Untrusted Sites
Summary
Microsoft warns that AI agents could be "AutoJack"-ed to deliver malicious software. The vulnerability chain, found in AutoGen Studio, allows a single untrusted website to achieve remote code execution on a device running an AI agent. AutoGen Studio, a program for developing AI agents, had three minor flaws that, when combined, created a significant risk: issues with how local connections were handled, login checks that could be skipped, and the ability to run arbitrary code. Together, these meant an AI agent browsing a malicious website could be tricked into running attacker-supplied programs. Notably, Microsoft's Defender Security Research Team discovered and reported these issues before they reached regular users: the problem only existed in early GitHub builds and was fixed before the official release. The case highlights the critical need for strict authentication and isolation in developer tools, even when a service is only reachable from the local machine.
This is an AI-generated audio summary. Always check the original source for complete reporting.