< ciso
brief />
Tag Banner

All news with #microsoft copilot tag

56 articles · page 2 of 3

AI Assistants Exploited as Covert C2 Relay Channels

🛡️ AI assistants with web-browsing features can be abused as covert command-and-control (C2) relays. Check Point Research found that platforms such as Grok and Microsoft Copilot can be prompted to fetch attacker-controlled URLs and return embedded instructions, effectively acting as a proxy without requiring an API key or account. Attackers can tunnel encoded data via URL parameters and receive commands in the assistant's summary, disguising malicious traffic as routine AI usage.
read more →

Microsoft: Copilot Bug Summarizes Confidential Emails

⚠️Microsoft says a bug in Microsoft 365 Copilot has been summarizing confidential emails since late January, bypassing organizations' configured data loss prevention (DLP) safeguards. The flaw affected the Copilot 'work tab' chat and improperly read messages stored in Sent Items and Drafts, including those with sensitivity labels intended to block automated processing. Microsoft attributes the behavior to a code error, began rolling out a fix in early February, and is monitoring deployment while contacting a subset of impacted users. The company has not yet disclosed the full scope or number of affected organizations and has flagged the incident as an advisory.
read more →

Researchers Find Copilot and Grok Can Be Used as C2 Proxies

⚠️ Microsoft Copilot and xAI Grok can be abused as stealthy command-and-control relays by exploiting their web-browsing and URL-fetch features, a technique Check Point calls AI as a C2 proxy. In demonstrations, implanted malware issues crafted prompts that cause the AI agent to fetch attacker-controlled URLs and return executable responses, creating a bidirectional channel without requiring API keys or registered accounts. The method enables dynamic code generation, reconnaissance and evasion, and can blend malicious traffic into legitimate enterprise communications, complicating detection and response.
read more →

Copilot Studio Agent Security: Top 10 Detectable Risks

🔒 The Microsoft Defender Security Research Team describes the top 10 misconfigurations that make Copilot Studio agents risky across enterprises. The post explains how small choices — broad sharing, weak authentication, raw HTTP calls, hard-coded secrets, orphaned agents, and unconstrained orchestration — create exploitable paths. It includes Advanced Hunting Community Queries to detect these issues and a short mitigation checklist to reduce exposure. The guidance stresses treating agents as production assets with lifecycle governance and least-privilege controls.
read more →

Microsoft at RSAC 2026: Securing the Agentic AI Era

🔒 Join Microsoft at RSAC 2026 (March 22–26) to learn how AI agents are reshaping both opportunity and risk and what defenders must do next. Microsoft previews its vision for Ambient and Autonomous Security and highlights solutions like Agent 365 that deliver observability and protection across the AI stack. Attend Microsoft Pre-Day keynotes, executive roundtables, booth demos, and hands-on experiences to get practical guidance, product demos, and partner insights.
read more →

Microsoft brings AI to Notepad and Paint on Windows

🧰 Microsoft is rolling out AI enhancements to Notepad and Paint for Windows 11 Insiders in the Canary and Dev channels. Notepad now streams AI-generated previews for Write, Rewrite, and Summarize and adds expanded Markdown formatting and a welcome screen to surface new features. Paint introduces an AI-powered Coloring Book for Copilot+ PCs and a fill tolerance slider for finer control. Both features require Microsoft account sign-in and can be disabled or uninstalled.
read more →

Reprompt: One-click exfiltration via Microsoft Copilot

🔐 Researchers at Varonis Threat Labs uncovered 'Reprompt', a one-click attack that abuses Microsoft Copilot Personal by embedding prompts in URLs and using follow-up server requests to exfiltrate data. It combines a URL 'q' parameter injection, a double-request bypass of initial sanitization, and chained server instructions to siphon conversation history and files without further user interaction. Microsoft issued a patch; organizations should treat prefilled prompts as untrusted and enforce continuous authentication, least privilege, prompt hygiene, auditing, and anomaly detection.
read more →

Reprompt attack: single-click data exfiltration from Copilot

🔒 Cybersecurity researchers disclosed a novel method called Reprompt that can enable single-click data exfiltration from AI chatbots, notably Microsoft Copilot, while bypassing typical enterprise controls. The technique exploits the Copilot q URL parameter to inject instructions from a link, then uses repeated requests and a remote attacker server to continue covert fetching and return of sensitive data with no further user interaction. Microsoft says it addressed the issue and that Microsoft 365 Copilot enterprise customers are not affected, but researchers warn the approach turns Copilot into an invisible exfiltration channel.
read more →

Reprompt Attack Could Hijack Microsoft Copilot Sessions

⚠️ Security researchers at Varonis disclosed a vulnerability, dubbed Reprompt, that could let attackers hijack a user's Copilot Personal session by embedding malicious instructions in a URL. The attack leverages the 'q' URL parameter to inject prompts that execute when the page loads, then uses chained server-side follow-up requests to maintain access and exfiltrate data after a single click. Varonis reported the issue to Microsoft on August 31, and Microsoft issued a fix on the January 2026 Patch Tuesday; users should apply the latest Windows update promptly.
read more →

Microsoft to Let IT Admins Uninstall Copilot on Devices

🔧 Microsoft is testing a new Group Policy, RemoveMicrosoftCopilotApp, that enables IT administrators to uninstall the AI-powered Copilot app on managed Windows devices. The policy began rolling out in the Dev and Beta Insider channels with Windows 11 Insider Preview Build 26220.7535 (KB5072046) and applies to endpoints managed via Microsoft Intune or SCCM. It targets systems where both Microsoft 365 Copilot and Microsoft Copilot are installed, the app was not user-installed, and it hasn't been launched in the last 28 days. Admins can enable the setting at User Configuration -> Administrative Templates -> Windows AI -> Remove Microsoft Copilot App; users may still reinstall if they choose.
read more →

Personal LLM Accounts Fuel Rise in Shadow AI Risks

🛡️ The growing use of generative AI in the workplace is raising security concerns as many employees access tools via personal accounts. Netskope's 2026 Cloud and Threat Report found 47% of workplace generative AI usage occurs through personal ChatGPT, Google Gemini or Microsoft Copilot accounts, reducing visibility and controls. Reported data-policy violations tied to LLMs have doubled, averaging 223 incidents per month and involving sensitive source code, intellectual property and credentials. Organizations are starting to curb Shadow AI use, but the report warns that stronger governance and employee education remain essential.
read more →

Are Copilot Prompt Injections Vulnerabilities or Limits?

🔍 Microsoft pushed back after security engineer John Russell disclosed multiple prompt injection and sandbox-related issues in Copilot, which the company says do not meet its vulnerability criteria. Russell reported indirect and direct prompt injection that could leak the system prompt, a file-upload bypass via base64-encoding, and the execution of commands inside Copilot's isolated Linux environment. Microsoft told BleepingComputer it reviewed the reports against its public bug bar and assessed them as out of scope when they did not cross clear security boundaries or impacted only the requesting user's environment. The exchange highlights differing definitions of AI risk between vendors and researchers.
read more →

Microsoft Copilot Rolls Out GPT-5.2 Smart Plus Mode

🚀 Microsoft is rolling out GPT-5.2 to Copilot on web, Windows, and mobile as a free upgrade that will coexist with the existing GPT-5.1 model. The new option appears as a 'Smart Plus' mode and uses a 'Thinking' variant designed for more complex, multi-step tasks. OpenAI positions GPT-5.2 as its strongest model family yet, improving productivity for spreadsheets, presentations, coding, document understanding, image work, and tool use.
read more →

Microsoft Investigates Copilot Outage Affecting Europe

⚠️Microsoft is mitigating an incident that has blocked or degraded access to its AI-powered Copilot service for users in the United Kingdom and parts of Europe. The company says telemetry points to an unexpected traffic surge that prevented service autoscaling, and engineers are manually scaling capacity to restore availability. A related admin-facing issue is also affecting some Microsoft Defender for Endpoint features.
read more →

Azure Introduces Copilot Agents and AI Infrastructure

🚀 At Microsoft Ignite 2025, Microsoft unveiled a suite of Azure infrastructure and AI operational innovations built for scale, reliability, and security. Azure Copilot introduces an agentic operations model with six specialized agents—migration, deployment, optimization, observability, resiliency, and troubleshooting—designed to automate routine cloud management while enforcing RBAC and policy. The release also highlights new AI datacenter architecture (Fairwater), deployment of NVIDIA GB300 GPUs at scale, and platform improvements like Azure Boost and AKS Automatic to accelerate performance and reduce operational overhead.
read more →

Security Copilot Agents Included with Microsoft 365 E5

🛡️ Microsoft is including Security Copilot agents in Microsoft 365 E5, embedding AI-driven assistants across Defender, Entra, Intune, and Purview to accelerate investigations and automate routine tasks. The rollout begins today for existing Security Copilot customers on E5 and will expand to all E5 tenants in the coming months with a 30-day notification. The announcement adds 12 Microsoft-built preview agents, 30+ partner agents, and support for customer-built agents to tailor workflows.
read more →

Windows 11 Build 26220.7051 Adds Ask Copilot Taskbar

🖥️ Windows 11 Build 26220.7051 introduces a taskbar-based Ask Copilot, allowing testers to query the web, local files, and AI using text or voice. The feature is optional and can be enabled under Settings > Personalization > Taskbar; Microsoft says it may eventually replace the existing Windows Search UI. The update also rolls out a full-screen Xbox handheld experience, a Bluetooth LE-based "Shared audio" preview to stream audio to two devices, and improved x64 emulation support to boost ARM PC performance.
read more →

Windows 11 Build 26220.7051 Adds Ask Copilot and More

🗞️ Windows 11 Build 26220.7051 is rolling out to Insiders and introduces three headline features: a taskbar-based Ask Copilot, a new full-screen Xbox experience for handhelds, and Bluetooth Shared audio. Ask Copilot lets users search the internet, local files, and AI using text or voice and can be enabled via Settings > Personalization > Taskbar > Ask Copilot. The new full-screen experience (FSE) aims to prioritize gaming on compatible handheld devices and can be set under Settings > Gaming > Full screen experience. Additionally, Windows now supports sharing audio to two Bluetooth devices and improves ARM PC performance by expanding x64 emulation support.
read more →

Microsoft adds Copilot to more Microsoft 365 companion apps

🤖 Microsoft is extending Copilot functionality across its Microsoft 365 companion apps, with People and Files already supported and Calendar due in the coming weeks. These taskbar mini-apps—available only to enterprise and business Microsoft 365 customers—surface contextual info like contact details, org-wide search and OneDrive file results. Microsoft says Copilot now offers instant suggestions such as recaps, flagged comments, and updates from top collaborators, and supports seamless handoff to the full Microsoft 365 Copilot app for deeper inquiries. There is no indication that Copilot can be disabled within these companion apps.
read more →

Microsoft Copilot adds App Builder and Workflows agents

🤖 Microsoft introduced two new Microsoft 365 Copilot agents, App Builder and Workflows, to help employees create apps and automate tasks using their Microsoft 365 data. Users can describe requirements in natural language and Copilot will generate interactive elements or automated flows across Outlook, Teams, SharePoint, Planner and other services. Outputs are integrated with the Copilot experience and protected by enterprise-grade security and role-based access controls. App Builder will be added to the Agent Store this week, while Workflows is already available to customers enrolled in the Frontier program.
read more →