Microsoft Copilot vulnerability lets hackers steal personal data

August 28, 2024
1 min read





TLDR:

  • Microsoft 365 Copilot had a critical security flaw allowing hackers to steal personal data
  • The vulnerability combined prompt injection, automatic tool invocation, and ASCII smuggling

Researchers discovered a security flaw in Microsoft 365 Copilot that allowed attackers to exfiltrate sensitive user information through a sophisticated exploit chain. The vulnerability, which has been patched, combined prompt injection, automatic tool invocation, and ASCII smuggling. The exploit chain began with a malicious email or shared document containing a carefully crafted prompt injection payload, triggering Copilot to search for additional emails and documents without user interaction, bringing sensitive content into the chat context. The exploit could also trigger automatic tool invocation to retrieve data like Slack MFA codes or sales figures, and used ASCII smuggling to hide exfiltrated information within seemingly innocuous clickable hyperlinks. Microsoft has addressed the vulnerabilities following responsible disclosure in January 2024, with the original proof-of-concept exploits no longer working. The exact fix details are unclear, but the exploit chain has been neutralized.


Latest from Blog

EU push for unified incident report rules

TLDR: The Federation of European Risk Management Associations (FERMA) is urging the EU to harmonize cyber incident reporting requirements ahead of new legislation. Upcoming legislation such as the NIS2 Directive, DORA, and