Sign in Subscribe
By Gary Shewan in AI

Fixed and fixed properly

This is interesting.

'Exclusive' article on Fortune today explaining how researchers discovered a zero-click attack on MS Copilot which starts with sending an email with hidden instructions (prompt injection). Microsoft have definitely fixed it though

(https://fortune.com/2025/06/11/microsoft-copilot-vulnerability-ai-agents-echoleak-hacking/)

BUT, because I have a memory that hasn't turned to mush from an over reliance on generative AI...what's this from August last year?

"Microsoft has fixed flaws in Copilot that allowed attackers to steal users' emails and other personal data by chaining together a series of LLM-specific attacks, beginning with prompt injection." - (https://www.theregister.com/2024/08/28/microsoft_copilot_copirate/?td=keepreading)

This is the point in a risk/root-cause kind of meeting where my brow starts furrowing, I start to stare and ask "Hang on..."

Sure it'll be grand though. All fixed now. There's fixed and fixed properly. Everyone knows that...

Subscribe to Gary P Shewan

Don’t miss out on the latest issues. Sign up now to get access to the library of members-only issues.
jamie@example.com
Subscribe