{"id":3884,"date":"2025-08-26T10:37:24","date_gmt":"2025-08-26T10:37:24","guid":{"rendered":"https:\/\/certera.com\/blog\/?p=3884"},"modified":"2025-08-26T10:37:24","modified_gmt":"2025-08-26T10:37:24","slug":"critical-vulnerabilities-in-microsofts-m365-copilot","status":"publish","type":"post","link":"https:\/\/certera.com\/blog\/critical-vulnerabilities-in-microsofts-m365-copilot\/","title":{"rendered":"Critical Vulnerability in M365 Copilot: Agent Policy Flaw &amp; Bypass Audit Logs Flaw"},"content":{"rendered":"\n<p class=\"wp-block-paragraph\">The most interesting thing about Microsoft Copilot right now isn\u2019t what it can do for productivity. It\u2019s what it quietly exposes.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Over the last few weeks, two separate vulnerabilities came to light, both inside Copilot for Microsoft 365, both serious, and both raising the same uncomfortable question. How much can enterprises really trust AI in the middle of their most sensitive systems?<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-flaw-1-audit-logs-that-lie\">Flaw 1: Audit Logs That Lie<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Security researcher <strong>Zack Korman<\/strong> discovered in July 2025 that you could ask Copilot to summarise sensitive company files, and Copilot would do it without leaving any trace in the audit logs.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">This worked for any company file. All you had to do was ask <strong>Copilot to summarise<\/strong> a document without providing a link to it.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Michael 
Bargury<\/strong> had actually demonstrated this <strong>exact problem at Black Hat<\/strong> in August 2024. But Microsoft didn&#8217;t bother fixing it until Korman reported it again in July 2025. Even then, they classified it as merely <strong>\u201cimportant\u201d<\/strong> rather than <strong>\u201ccritical\u201d,<\/strong> and they fixed it silently without telling users.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">This means if your organisation used Copilot before August 18th, 2025, your audit logs are incomplete. But Microsoft won&#8217;t tell you that.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-flaw-2-policies-that-don-t-protect\">Flaw 2: Policies That Don\u2019t Protect<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">At almost the same time, Microsoft engineers uncovered another problem.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">The second flaw was even more fundamental. Microsoft&#8217;s Copilot Agent Policies, the rules that determine who can access which AI agents, weren&#8217;t actually being enforced where it mattered.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Administrators could set up elaborate access controls through the Microsoft 365 admin centre. They could restrict sensitive AI agents to only privileged users. But these restrictions only applied to the admin interface itself, not to the underlying API that actually runs the agents.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Any user<\/strong> with <strong>basic Microsoft 365 access<\/strong> could query the <strong>Graph API directly<\/strong> and discover <strong>all the AI agents<\/strong> in the organisation, including those marked as \u201c<strong>private<\/strong>\u201d. 
Worse, they could then invoke these agents without any policy checks.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Microsoft rated it critical (CVSS 9.1), patched it in August, and did at least notify admins this time.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-why-this-matters\">Why This Matters<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">These are not just bugs. They are symptoms of a deeper problem with how we think about AI security.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Both vulnerabilities stem from the same reasoning mistake: treating AI systems the way one would treat traditional software. Traditional software has well-defined boundaries. You either have access to a file or you don&#8217;t. AI systems are different. They synthesise information across sources in ways that blur those boundaries.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">When Copilot summarises a document that was not directly linked, is that accessing the document? Microsoft&#8217;s audit system did not think so. When an employee queries the Graph API for agent information, are they bypassing the policy controls? Microsoft&#8217;s enforcement mechanism did not think so. The result is a security model that works in theory but fails in practice.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-the-transparency-problem\">The Transparency Problem<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Perhaps more troubling than the vulnerabilities themselves is how Microsoft handled disclosure. They fixed the audit logging issue quietly, without telling customers their logs were incomplete. They only assigned a CVE to the agent policy flaw because of its severity score.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">This creates a trust problem. 
If Microsoft won&#8217;t tell you about &#8220;important&#8221; security issues, how can you make informed decisions about using their products? How can you explain to auditors or regulators why your compliance data might be wrong?<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Cloud providers argue that not every vulnerability needs public disclosure. They say it would create alert fatigue if they announced every security fix. But this position assumes customers trust the provider to make the right decisions about what&#8217;s important.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-recommendations\">Recommendations<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">If you use Microsoft Copilot, assume that your historical audit data is incomplete. Review your agent settings so that only the agents that are required are set up. Also monitor Graph API usage for unusual patterns.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">More fundamentally, you have to update your mental model of AI security. These systems do not respect conventional boundaries in the way we are accustomed to. The complexity that makes them useful also makes them unpredictable.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">The question is not whether security holes will exist in AI systems. They will. The question is whether the companies building them will be open about those flaws when they arise.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">That transparency is not something you can be certain of.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The most interesting thing about Microsoft Copilot right now isn\u2019t what it can do for productivity. It\u2019s what it quietly exposes. Over the last few weeks, two separate vulnerabilities came to light, both inside Copilot for Microsoft 365, both serious, and both raising the same uncomfortable question. 
How much can enterprises really trust AI in<span class=\"morelink d-block mt-3\"><a href=\"https:\/\/certera.com\/blog\/critical-vulnerabilities-in-microsofts-m365-copilot\/\">Read More<\/a><\/span><\/p>\n","protected":false},"author":1,"featured_media":3886,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[32],"tags":[752,753],"class_list":["post-3884","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-vulnerability","tag-copilot-vulnerability","tag-m365-copilot-security-bypass","entry"],"yoast_head_json":{"title":"Microsoft Copilot Security Problem is Bigger Than It Looks","description":"Microsoft has disclosed recently two critical flaws in its Copilot agents\u2019 governance framework & Audit Logs. 
Know more and take actions.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/certera.com\/blog\/critical-vulnerabilities-in-microsofts-m365-copilot\/","og_locale":"en_US","og_type":"article","og_title":"Critical Vulnerability in M365 Copilot: Agent Policy Flaw &amp; Bypass Audit Logs Flaw","og_description":"Microsoft has disclosed recently two critical flaws in its Copilot agents\u2019 governance framework & Audit Logs. Know more and take actions.","og_url":"https:\/\/certera.com\/blog\/critical-vulnerabilities-in-microsofts-m365-copilot\/","og_site_name":"EncryptedFence by Certera - Web &amp; Cyber Security Blog","article_publisher":"https:\/\/www.facebook.com\/certeraLLC\/","article_published_time":"2025-08-26T10:37:24+00:00","og_image":[{"width":960,"height":620,"url":"https:\/\/certera.com\/blog\/wp-content\/uploads\/2025\/08\/microsoft-copilot-vulnerabilities.webp","type":"image\/jpeg"}],"author":"Janki Mehta","twitter_card":"summary_large_image","twitter_creator":"@certera_llc","twitter_site":"@certera_llc","twitter_misc":{"Written by":"Janki Mehta","Est. 
reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/certera.com\/blog\/critical-vulnerabilities-in-microsofts-m365-copilot\/#article","isPartOf":{"@id":"https:\/\/certera.com\/blog\/critical-vulnerabilities-in-microsofts-m365-copilot\/"},"author":{"name":"Janki Mehta","@id":"https:\/\/certera.com\/blog\/#\/schema\/person\/e5a476aa90d9e02260ebfe4b0bf046b7"},"headline":"Critical Vulnerability in M365 Copilot: Agent Policy Flaw &amp; Bypass Audit Logs Flaw","datePublished":"2025-08-26T10:37:24+00:00","mainEntityOfPage":{"@id":"https:\/\/certera.com\/blog\/critical-vulnerabilities-in-microsofts-m365-copilot\/"},"wordCount":790,"commentCount":0,"publisher":{"@id":"https:\/\/certera.com\/blog\/#organization"},"image":{"@id":"https:\/\/certera.com\/blog\/critical-vulnerabilities-in-microsofts-m365-copilot\/#primaryimage"},"thumbnailUrl":"https:\/\/certera.com\/blog\/wp-content\/uploads\/2025\/08\/microsoft-copilot-vulnerabilities.webp","keywords":["Copilot Vulnerability","M365 Copilot Security Bypass"],"articleSection":["Vulnerability"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/certera.com\/blog\/critical-vulnerabilities-in-microsofts-m365-copilot\/#respond"]}],"copyrightYear":"2025","copyrightHolder":{"@id":"https:\/\/certera.com\/blog\/#organization"}},{"@type":"WebPage","@id":"https:\/\/certera.com\/blog\/critical-vulnerabilities-in-microsofts-m365-copilot\/","url":"https:\/\/certera.com\/blog\/critical-vulnerabilities-in-microsofts-m365-copilot\/","name":"Microsoft Copilot Security Problem is Bigger Than It 
Looks","isPartOf":{"@id":"https:\/\/certera.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/certera.com\/blog\/critical-vulnerabilities-in-microsofts-m365-copilot\/#primaryimage"},"image":{"@id":"https:\/\/certera.com\/blog\/critical-vulnerabilities-in-microsofts-m365-copilot\/#primaryimage"},"thumbnailUrl":"https:\/\/certera.com\/blog\/wp-content\/uploads\/2025\/08\/microsoft-copilot-vulnerabilities.webp","datePublished":"2025-08-26T10:37:24+00:00","description":"Microsoft has disclosed recently two critical flaws in its Copilot agents\u2019 governance framework & Audit Logs. Know more and take actions.","breadcrumb":{"@id":"https:\/\/certera.com\/blog\/critical-vulnerabilities-in-microsofts-m365-copilot\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/certera.com\/blog\/critical-vulnerabilities-in-microsofts-m365-copilot\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/certera.com\/blog\/critical-vulnerabilities-in-microsofts-m365-copilot\/#primaryimage","url":"https:\/\/certera.com\/blog\/wp-content\/uploads\/2025\/08\/microsoft-copilot-vulnerabilities.webp","contentUrl":"https:\/\/certera.com\/blog\/wp-content\/uploads\/2025\/08\/microsoft-copilot-vulnerabilities.webp","width":960,"height":620,"caption":"Microsoft Copilot Security Flaws"},{"@type":"BreadcrumbList","@id":"https:\/\/certera.com\/blog\/critical-vulnerabilities-in-microsofts-m365-copilot\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/certera.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Critical Vulnerability in M365 Copilot: Agent Policy Flaw &amp; Bypass Audit Logs Flaw"}]},{"@type":"WebSite","@id":"https:\/\/certera.com\/blog\/#website","url":"https:\/\/certera.com\/blog\/","name":"EncryptedFence by Certera - Web & Cyber Security Blog","description":"","publisher":{"@id":"https:\/\/certera.com\/blog\/#organization"},"alternateName":"Certera's EncryptedFence 
Blog","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/certera.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/certera.com\/blog\/#organization","name":"Certera","url":"https:\/\/certera.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/certera.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/certera.com\/blog\/wp-content\/uploads\/2023\/08\/logo-encryptedfence.svg","contentUrl":"https:\/\/certera.com\/blog\/wp-content\/uploads\/2023\/08\/logo-encryptedfence.svg","caption":"Certera"},"image":{"@id":"https:\/\/certera.com\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/certeraLLC\/","https:\/\/x.com\/certera_llc","https:\/\/www.linkedin.com\/company\/certera-llc\/"]},{"@type":"Person","@id":"https:\/\/certera.com\/blog\/#\/schema\/person\/e5a476aa90d9e02260ebfe4b0bf046b7","name":"Janki Mehta","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/1fba817ef81065f1393461fc3a0d85c40f2cc826919819ea4df4b12d76566e62?s=96&d=https%3A%2F%2Fcertera.com%2Fblog%2Fwp-content%2Fuploads%2F2023%2F02%2Fhttps-vs-sftp-jpg.webp&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/1fba817ef81065f1393461fc3a0d85c40f2cc826919819ea4df4b12d76566e62?s=96&d=https%3A%2F%2Fcertera.com%2Fblog%2Fwp-content%2Fuploads%2F2023%2F02%2Fhttps-vs-sftp-jpg.webp&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/1fba817ef81065f1393461fc3a0d85c40f2cc826919819ea4df4b12d76566e62?s=96&d=https%3A%2F%2Fcertera.com%2Fblog%2Fwp-content%2Fuploads%2F2023%2F02%2Fhttps-vs-sftp-jpg.webp&r=g","caption":"Janki Mehta"},"description":"Janki Mehta is a passionate Cyber-Security Enthusiast who keenly monitors the latest developments in the Web\/Cyber Security industry. 
She puts her knowledge into practice and helps web users by arming them with the necessary security measures to stay safe in the digital world.","sameAs":["https:\/\/certerassl.com\/"],"url":"https:\/\/certera.com\/blog\/author\/certerabguser\/"}]}},"_links":{"self":[{"href":"https:\/\/certera.com\/blog\/wp-json\/wp\/v2\/posts\/3884","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/certera.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/certera.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/certera.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/certera.com\/blog\/wp-json\/wp\/v2\/comments?post=3884"}],"version-history":[{"count":2,"href":"https:\/\/certera.com\/blog\/wp-json\/wp\/v2\/posts\/3884\/revisions"}],"predecessor-version":[{"id":3888,"href":"https:\/\/certera.com\/blog\/wp-json\/wp\/v2\/posts\/3884\/revisions\/3888"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/certera.com\/blog\/wp-json\/wp\/v2\/media\/3886"}],"wp:attachment":[{"href":"https:\/\/certera.com\/blog\/wp-json\/wp\/v2\/media?parent=3884"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/certera.com\/blog\/wp-json\/wp\/v2\/categories?post=3884"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/certera.com\/blog\/wp-json\/wp\/v2\/tags?post=3884"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}