Anthropic's latest code aid tool, Claude Code, encountered an unexpected technical crisis at the beginning of its release. According to user feedback on GitHub, there is a serious vulnerability in Claude Code's automatic update feature, which may cause the user's workstation system to become unstable and even completely unusable under certain circumstances, which is the so-called "brick machine" state.
Preliminary investigations show that this problem mainly occurs when Claude Code is installed on systems with "root" or "superuser" permissions. This type of advanced permission allows the program to modify the underlying settings of the operating system. When an automatic update command with a vulnerability runs, the application may modify a directory of files that are usually strictly protected. In the worst case, these wrong instructions can completely damage the system and prevent it from starting properly.
A GitHub user revealed that they had to launch a "rescue instance" to fix file permissions that were accidentally corrupted by Claude Code commands. It is reported that the core of this vulnerability is that the automatic update command incorrectly changes the access rights of certain critical system files. File permissions determine which programs and users can read, modify files or run specific applications. The disorder of permissions directly leads to abnormal operation of the system.
Faced with sudden user feedback, Anthropic quickly took measures. The company has informed that they have removed the problematic automatic update command from Claude Code. Meanwhile, Anthropic has added a link to the program to the user's troubleshooting guide. It is worth mentioning that the link initially had a typo, but Anthropic claims have also been corrected.
As of press time, Anthropic has not made further official statements on the specific scope of impact caused by this incident and user data security issues. We will continue to pay attention to the progress of the incident.