Microsoft Copilot bug, identified as CW1226324, was first detected on January 21.
Photo Credit: Microsoft
Microsoft reportedly attributed the issue to an unspecified code error
Microsoft added Copilot Chat across its Word, Excel, PowerPoint, and Outlook platforms last year. Now, a recently discovered bug appears to have caused trouble. A Microsoft 365 Copilot bug reportedly allowed the AI assistant to summarise confidential emails for several weeks without permission. This move bypasses Data Loss Prevention (DLP) policies that organisations use to protect sensitive data. Microsoft said to have issued a fix for the bug, but the situation has raised serious privacy concerns. Outlook's confidential labelling is generally used for communicating sensitive data.
The company confirmed to Bleeping Computer that a Microsoft 365 Copilot bug allowed the AI assistant to summarise confidential emails since late January. The bug, identified as CW1226324, was first detected on January 21, and it reportedly affects the Copilot "work tab" chat feature.
The flaw causes Copilot to read and summarise emails stored in users' Sent Items and Drafts folders, including messages protected with confidentiality labels designed to restrict access by automated processing.
The bug reportedly bypassed Data Loss Prevention (DLP) policies, which organisations rely on to safeguard sensitive information. Microsoft reportedly acknowledged the issue, saying, “Users' email messages with a confidential label applied are being incorrectly processed by Microsoft 365 Copilot chat". The company reportedly said that the 'work tab Chat' feature was summarising such emails despite sensitivity labels and DLP policies being in place.
The company reportedly attributed the issue to an unspecified code error and said it began rolling out a fix in early February. The report further states that as of Wednesday, the company said it continues to monitor the deployment and is contacting a subset of affected users to confirm the fix is functioning.
Microsoft has not disclosed how many users are affected by this bug. The latest bug comes as Microsoft expands to AI capabilities across Outlook, Word, Excel, and PowerPoint. The company launched new AI-powered shopping features for Copilot in the Edge browser late last year.
Get your daily dose of tech news, reviews, and insights, in under 80 characters on Gadgets 360 Turbo. Connect with fellow tech lovers on our Forum. Follow us on X, Facebook, WhatsApp, Threads and Google News for instant updates. Catch all the action on our YouTube channel.
OpenAI Plans to Set Up Offices in Mumbai, Bengaluru; Will Build AI Data Centre With Tata Group