Microsoft Copilot (Microsoft 365): Quickly start a chat with Copilot from anywhere on your PC

🚨 The Signal: A new keyboard shortcut (Win + C or Copilot key) provides instant access to Copilot on Windows 11. This increases the attack surface for prompt injection and data exfiltration via AI agents.

The Impact

All Windows 11 users are affected, increasing the risk of inadvertent data exposure and prompt injection attacks.

• End-users: Increased risk of accidental sensitive data input into Copilot.
• Security Teams: New vector for prompt injection attacks and data exfiltration.
• Admins: Requires review of existing Copilot data governance policies.
• Organisations: Potential for non-compliance with data handling regulations.

The Action

1. Review and enforce Microsoft Purview Data Loss Prevention (DLP) policies for Copilot.
2. Educate users on responsible AI use, data privacy, and prompt engineering best practices.
3. Monitor Microsoft 365 audit logs for unusual Copilot activity or data sharing.
4. Evaluate Microsoft Entra Conditional Access policies for Copilot access from unmanaged devices.
5. Consider disabling Copilot for specific user groups if data sensitivity is high via Intune or Group Policy.

Domain: Agentic-AI · Impact: high · Workload: M365 Apps