Microsoft Copilot Cowork Exfiltrates Files

Microsoft Copilot Cowork in Microsoft 365 is vulnerable to file exfiltration attacks via indirect prompt injection, exploiting the fact that sending emails and Teams messages to the active user occurs without manual approval. Attackers can use poisoned skills to cause Copilot Cowork to send messages containing pre-authenticated download links to sensitive files, which are exfiltrated when the user opens the messages, posing a significant security risk that can be mitigated by restricting permissions and file downloads in SharePoint.

https://www.promptarmor.com/resources/microsoft-copilot-cowork-exfiltrates-files

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top