November 28, 2024 at 06:07AM Microsoft has patched vulnerabilities in several services, including Azure and Copilot Studio, with one flaw described as ‘exploited.’ The vulnerabilities, mostly related to privilege escalation, have been assigned CVE identifiers for transparency. Users don’t need to take action, as patching occurs automatically over several days. ### Meeting Takeaways on Microsoft … Read more
August 21, 2024 at 12:36PM Researchers have uncovered a critical security flaw in Microsoft’s Copilot Studio (CVE-2024-38206) that allows unauthorized access to sensitive information. Microsoft has addressed the vulnerability and stated no customer action is required. The disclosure follows the announcement of security flaws in Microsoft’s Azure Health Bot Service and the upcoming enforcement of … Read more
August 7, 2024 at 02:27PM Enterprise usage of Microsoft’s Copilot Studio, a no-code chatbot creation tool, has surged within nine months of its release. However, security researcher Michael Bargury highlighted serious security vulnerabilities that could lead to data exfiltration and bypassing controls. Despite Microsoft addressing some issues, careful implementation and admin controls are essential to … Read more