PC 版 ChatGPT 客户端曝“记忆”功能漏洞

9 月 27 日消息,OpenAI 在今年 2 月宣布为 ChatGPT 推出记忆(Memory)的功能,今年 9 月初这项功能正式向所有用户开放,该功能的主要用途是“设定预设”,从而帮助 AI 向用户更符合需求的答案。

不过研究人员 Johann Rehberger 目前披露报告,称这项功能在 PC 版 ChatGPT 客户端上存在漏洞,黑客可借漏洞获取用户对话记录。

Johann Rehberger 将这项漏洞称为 SpAIware,他表示黑客可通过钓鱼形式让受害者在 PC 版 ChatGPT 客户端中上传特定文件 / 特定网址让 AI 分析,一旦分析成功,AI 便会“记住将用户的后续对话内容分享至黑客”,目前 OpenAI 已发布新版应用进行修补。

PC 版 ChatGPT 客户端曝“记忆”功能漏洞插图

PC 版 ChatGPT 客户端曝“记忆”功能漏洞插图1

On September 27th, news emerged that OpenAI announced the Memory feature for ChatGPT in February of this year, and this feature officially became available to all users at the beginning of September. The main purpose of this feature is to “set presets” to help AI provide answers that better meet users’ needs.
However, researcher Johann Rehberger has recently disclosed a report stating that there is a vulnerability in this feature on the PC version of the ChatGPT client, which hackers can exploit to access users’ conversation records.
Johann Rehberger named this vulnerability SpAIware, and he stated that hackers could use phishing tactics to trick victims into uploading specific files or URLs on the PC version of the ChatGPT client for AI analysis. Once the analysis is successful, the AI would “remember to share the user’s subsequent conversation content with the hacker.” OpenAI has since released a new version of the application to patch the vulnerability.

给TA打赏
共{{data.count}}人
人已打赏
大事件

​Arc 浏览器推出安全漏洞赏金计划,赏金高达20000美元

2024-9-28 10:20:28

大事件

WordPress 与托管商 WP Engine 决裂,禁止其访问平台资源

2024-9-28 17:22:18

在线客服
主机吧
我们将24小时内回复。
2024-10-05 07:55:20
您好,有任何疑问请与我们联系!
您的工单我们已经收到,我们将会尽快跟您联系!
[QQ客服]
176363189
当幸福来敲门
[小黄]
17307799197
[企业邮箱]
sudu@yunjiasu.cc
取消

选择聊天工具: