Microsoft Edge: Upgraded Copilot new tab page

🚨 The Signal: Microsoft Edge's new tab page now features an upgraded Copilot experience, integrating search, chat, and work content. This change increases potential data exposure and introduces new vectors for prompt injection and information leakage.

The Impact

All users are affected, increasing the risk of inadvertent data exposure and prompt injection attacks through the browser.

  • End users: Increased risk of accidental sensitive data input into Copilot.
  • Security teams: New attack surface for prompt injection and data exfiltration.
  • Admins: Requires review of browser policies to manage Copilot interactions.
  • Compliance teams: Potential for non-compliance with data handling policies.

The Action

  1. Review and apply Microsoft Edge policies to control Copilot access and data sharing (e.g., 'Configure Copilot in Microsoft Edge').
  2. Educate users on responsible use of Copilot, emphasizing not to input sensitive or classified information.
  3. Implement Data Loss Prevention (DLP) policies to monitor and restrict sensitive data sharing via browser-based AI interactions.
  4. Regularly audit Copilot usage logs for unusual activity or potential data exfiltration attempts.
  5. Consider deploying Microsoft Purview Adaptive Protection to dynamically adjust access based on risk.

Domain: Agentic-AI · Impact: high · Workload: M365 Apps · Essential Eight: User Application Hardening · ISM: ISM-1412, ISM-1485, ISM-1486, ISM-1542, ISM-1585, ISM-1667, ISM-1668, ISM-1669, ISM-1670, ISM-1823, ISM-1824, ISM-1859, ISM-1860