Researchers recently uncovered a significant security flaw in Microsoft 365 Copilot that allowed attackers to steal sensitive user information through an elaborate exploit chain. Discovered by Johann Rehberger, the vulnerability exploited prompt injection, automatic tool invocation, and a novel method known as ASCII smuggling to bypass security measures. Attackers initiated the exploit with a malicious email or document, which then prompted Copilot to inadvertently search for and expose sensitive data, such as Slack MFA codes or sales figures. The ASCII smuggling technique cleverly hid this data within hyperlinks, making it invisible in the user interface but accessible once clicked, leading to data being sent to attacker-controlled servers.
Microsoft has since patched the vulnerability, following Rehberger’s responsible disclosure in January 2024. The specifics of the fix remain undisclosed, but the original proof-of-concept exploits are no longer effective, indicating changes in how hyperlinks are rendered. This incident highlights the importance of continuous vigilance and prompt action in the face of evolving cybersecurity threats.
Read more at Cyber Security News…