A severe zero-click vulnerability affects Claude Desktop Extensions, allowing attackers to gain remote access to users' computers simply by sending a malicious Google Calendar invite. The flaw holds a perfect CVSS score of 10/10 and impacts over 10,000 active users across more than 50 extensions. Discovered by LayerX, the issue arises from the way Claude integrates with the operating system, granting full system privileges to its extensions. Unlike traditional browser extensions that operate in a sandboxed environment, Claude’s design lacks necessary isolation, creating a significant security risk. The attack method relies on exploiting Claude's app integration capabilities. An attacker sends a deceptive Google Calendar invite with hidden malicious instructions. When a user prompts Claude to check their calendar, the AI processes the invite, executes the instructions, and unknowingly downloads malware without requiring any user interaction. This zero-click vulnerability allows attackers to install ransomware or steal sensitive data, posing a serious threat to users, especially those who connect their calendars, emails, or files to Claude. Despite LayerX's responsible disclosure of the vulnerability, no patch is expected soon. Addressing the flaw would require substantial changes to Claude's architecture, either limiting its autonomy or establishing stricter trust boundaries. In the meantime, users are advised to avoid using Claude on sensitive machines, audit its prompts carefully, and consider isolating it in a virtual environment. Monitoring for updates from Anthropic is also recommended, though no fixes are currently promised.