China warns about AI risks with Anthropic's Claude Code
China said specific versions of Claude Code posed back-door vulnerabilities that could send sensitive information to a remote server.
Security officers keep watch in front of an AI (Artificial Intelligence) sign at the annual Huawei Connect event in Shanghai, China, September 18, 2019.
Aly Song | Reuters
BEIJING — China on Wednesday warned of "back-door" security risks affecting companies that use U.S.-based company Anthropic's Claude Code artificial intelligence tool.
It comes as the U.S.-China tech race intensifies, with Anthropic last month blaming Chinese company Alibaba for attempting to extract its AI capabilities, which are not officially available in China. Alibaba did not comment on the accusations at the time.
Many locals in China have found ways to use U.S. AI tools, however. In March, a Xiaomi AI developer said at a state-organized forum that many were using Claude Code. And Alibaba has ordered its employees to stop using Anthropic tools for work starting July 10, CNBC confirmed on Monday.
The Chinese Ministry of Industry and Information Technology said Wednesday its cybersecurity threat platform found "AI coding tool Claude Code contains a security back-door vulnerability that poses a serious threat."
The autonomous coding tool can send sensitive information to a remote server without a user's consent, the statement said in Chinese, according to a CNBC translation. It noted that the information could include a user's location and identity.
Users should uninstall or upgrade from the affected Claude Code versions, 2.1.91 to 2.1.196, the cybersecurity platform said. That covers versions released from April 2 to June 29, according to Anthropic's website, which says the latest version of Claude Code as of Wednesday is 2.1.204.
Anthropic did not immediately respond to a CNBC request for comment.
JaneWalter