Microsoft's blog discusses a straightforward jailbreak method, Context Compliance Attack (CCA), effective against many AI systems. CCA manipulates AI by exploiting reliance on client-supplied conversation history, allowing for context manipulation with minimal effort. Models maintaining conversation state, like Copilot and ChatGPT, are safe from this attack. Microsoft suggests enhancements like cryptographic signatures and server-side history to bolster AI safety. The implications of CCA stress the need for comprehensive security considerations in AI system designs, encouraging discussions on further mitigation strategies.
https://msrc.microsoft.com/blog/2025/03/jailbreaking-is-mostly-simpler-than-you-think/