A recently discovered vulnerability in Anthropic’s Claude Desktop Extensions exposes over 10,000 users to zero-click system compromise. LayerX researchers highlight how a seemingly benign Google Calendar event can trigger remote code execution, allowing bad actors to take over systems without user interaction. This flaw stems from the Model Context Protocol (MCP), which enables the autonomous execution of tasks, creating a trust breach between low-risk data sources and high-privileged actions. The proof-of-concept attack requires only a cleverly disguised calendar entry to execute unauthorized commands, achieving a CVSS score of 10.0 due to its severity. To mitigate risks, organizations should disable untrusted extensions, enforce least-privilege controls, and implement endpoint protections. These steps help bolster security against AI-driven threats, emphasizing the need for robust trust boundaries and zero-trust solutions. As AI becomes more integrated into workflows, it’s critical to treat these tools as privileged software rather than mere productivity features.
Source link
