Microsoft Copilot (Microsoft 365): Receive coaching on your writing in Copilot in Word

🚨 The Signal: Copilot in Word now offers AI-generated writing coaching, reviewing content for structure, flow, and tone. This introduces new AI interaction patterns for users, potentially increasing exposure to prompt injection risks and the generation of sensitive content.

The Impact

All users interacting with Copilot in Word are affected, with a low security risk related to potential prompt injection and data exposure.

  • End Users: May inadvertently expose sensitive data via prompts.
  • Security Teams: Need to monitor for new prompt injection vectors.
  • Compliance Teams: Must review data handling policies for AI interactions.

The Action

  1. Review and update existing AI usage policies to include guidelines for writing coaching features.
  2. Educate users on best practices for interacting with Copilot, emphasizing data sensitivity and prompt hygiene.
  3. Monitor Microsoft Purview Audit logs for unusual Copilot activity or data sharing patterns.
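
One way to triage exported audit records for step 3, as an added example (not Microsoft's code and not part of the original brief). It assumes each row is the AuditData JSON from a Purview audit export and that Copilot records carry the field names used below; the sample rows, threshold and label ID are constructed.

```python
import json
from collections import defaultdict

# Assumed field names (Operation, UserId, CopilotEventData.AppHost,
# AccessedResources[].SensitivityLabelId): verify against your own export.
def _row(user, host, resources=()):
    """Build one constructed AuditData row as a JSON string."""
    return json.dumps({"Operation": "CopilotInteraction", "UserId": user,
                       "CopilotEventData": {"AppHost": host,
                                            "AccessedResources": list(resources)}})

# Constructed sample input; all users, files and label IDs are made up.
SAMPLE_ROWS = [
    _row("alice@contoso.example", "Word", [{"Name": "notes.docx", "SensitivityLabelId": ""}]),
    _row("bob@contoso.example", "Word",
         [{"Name": "merger-draft.docx", "SensitivityLabelId": "LABEL-ID-PLACEHOLDER"}]),
    _row("carol@contoso.example", "Excel"),
    "{truncated row",
] + [_row("dave@contoso.example", "Word")] * 4

def summarize(rows, app_host="Word"):
    """Count Copilot interactions per user for one host app; collect labelled files."""
    stats = defaultdict(lambda: {"interactions": 0, "labelled": set()})
    skipped = 0
    for row in rows:
        try:
            rec = json.loads(row)
        except json.JSONDecodeError:
            skipped += 1  # damaged export row: count it instead of crashing
            continue
        data = rec.get("CopilotEventData") or {}
        if rec.get("Operation") != "CopilotInteraction" or data.get("AppHost") != app_host:
            continue
        user = stats[rec.get("UserId", "unknown")]
        user["interactions"] += 1
        for res in data.get("AccessedResources") or []:
            if res.get("SensitivityLabelId"):  # non-empty label ID means labelled content
                user["labelled"].add(res.get("Name", "?"))
    return dict(stats), skipped

def flag(stats, max_interactions=3):
    """Return {user: [reasons]} for users whose activity merits a closer look."""
    findings = {}
    for user, s in stats.items():
        reasons = [f"{s['interactions']} interactions"] if s["interactions"] > max_interactions else []
        if s["labelled"]:
            reasons.append("labelled content: " + ", ".join(sorted(s["labelled"])))
        if reasons:
            findings[user] = reasons
    return findings
```

A fixed threshold is only a starting point; a per-user baseline over a longer export window gives fewer false positives.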

Domain: Agentic-AI · Impact: low · Workload: M365 Apps