Microsoft Corp. confirmed it is addressing a significant security lapse that allowed its Copilot AI to bypass privacy protections and summarize users’ confidential emails without authorization. The bug, which has persisted since late January, effectively ignored data loss prevention (DLP) protocols designed to keep sensitive corporate information out of the reach of large language models..
First seen on securityboulevard.com
Jump to article: securityboulevard.com/2026/02/microsoft-patches-security-flaw-that-exposed-confidential-emails-to-ai/
