Microsoft Copilot (Microsoft 365): Realtime voice interactions in Word and PowerPoint

🚨 The Signal: Copilot in Word and PowerPoint now supports real-time voice interactions. This introduces new vectors for data exfiltration and prompt injection, increasing the risk of sensitive information exposure through conversational AI.

The Impact

All users interacting with Copilot are affected, increasing the risk of sensitive data exposure and prompt injection.

• End-users: Risk of inadvertently disclosing sensitive information via voice input.
• Security Teams: Increased surface area for prompt injection attacks and data exfiltration.
• Compliance Officers: New challenges in monitoring and auditing data handled by AI via voice.
• Data Owners: Potential for sensitive data to be processed or summarised by AI without explicit consent.

The Action

1. Review and update existing Copilot data governance policies to explicitly address voice input.
2. Educate users on the risks of sharing sensitive information via voice with Copilot.
3. Monitor Copilot usage logs for unusual activity or potential data exfiltration attempts.
4. Implement Microsoft Purview Data Loss Prevention (DLP) policies to detect and prevent sensitive data sharing through Copilot interactions.
5. Configure Copilot content filters and safety settings within the Microsoft 365 admin center to mitigate prompt injection risks.

Domain: Agentic-AI · Impact: high · Workload: M365 Apps