Ethical Hacking News

The Critical Vulnerability in Microsoft 365 Copilot: A Threat to Enterprise Security


Microsoft's highly anticipated Copilot technology has been marred by a critical vulnerability known as SearchLeak, which allows attackers to steal emails, files, and MFA codes with just one click. This alarming finding underscores the importance of vigilance and proactive security measures in safeguarding enterprise data.

  • A critical vulnerability known as SearchLeak has been discovered in Microsoft 365 Copilot Enterprise Search, posing a significant threat to enterprise security.
  • The vulnerability is attributed to three bugs: command injection, parameter-to-prompt injection, and a race condition, which can be stacked together to create a one-click exfiltration path.
  • Attackers can exploit the vulnerability by injecting malicious instructions into the q parameter in the Copilot Enterprise Search URL, allowing them to steal sensitive information such as emails, files, and MFA codes with just one click.
  • The attack relies on exploiting a race condition in how the response renders, creating an opportunity for malicious requests to be executed before being neutralized.
  • Organizations should closely monitor Copilot Search URLs carrying encoded payloads or HTML in the q parameter and tighten data-access governance to reduce the potential impact of future leaks.



Microsoft's highly anticipated Copilot technology, designed to streamline enterprise search and data retrieval, has been marred by a critical vulnerability that poses a significant threat to enterprise security. In June 2026, researchers at Varonis Threat Labs discovered a one-click exfiltration path, dubbed "SearchLeak," which could allow attackers to steal sensitive information from Microsoft 365 Copilot Enterprise Search. The finding has left much of the cybersecurity community working to understand the scope of the issue and the available mitigations.

The SearchLeak vulnerability stems from three bugs - a command injection, a parameter-to-prompt injection, and a race condition - that can be stacked together into a one-click exfiltration path. The entry point is the q parameter of the Copilot Enterprise Search URL, into which an attacker can inject instructions that tell Copilot to search the mailbox, take an email title, and place it inside an image URL. The whole sequence requires no user interaction beyond clicking a seemingly innocuous link.

The attack relies on a race condition in how the response renders. Microsoft's guardrail wraps Copilot output in blocks so that the browser treats markup as text, but that wrapping happens after Copilot finishes generating and before the sanitizer runs, leaving a window in which malicious requests are issued before they are neutralized. In addition, the Content Security Policy (CSP) on m365.cloud.microsoft allows images from arbitrary domains except for *.bing.com, which the researchers exploited through Bing's "Search by Image" endpoint.

The exploit exposes one-time codes, MFA codes, password-reset links, calendar invites, meeting notes, and SharePoint or OneDrive files indexed by Copilot. These are time-sensitive prizes, so organizations should act promptly to mitigate the vulnerability.

Microsoft has already mitigated SearchLeak on its backend, so customer data is no longer exposed through this path. However, because the attack stacks several pre-existing bugs and Copilot Enterprise is a managed service, tenant admins may not be able to patch or reconfigure the parts that failed.

The discovery is a stark reminder of the importance of vigilance and proactive security measures. Organizations should monitor Copilot Search URLs that carry encoded payloads or HTML in the q parameter, and watch for unusual outbound requests to Bing's image endpoints. Tightening data-access governance so that Copilot indexes less also reduces the potential impact of future leaks.

The implications of this vulnerability are far-reaching and underscore the evolving landscape of cybersecurity threats. As AI-powered technologies become increasingly prevalent, organizations and individuals alike need to stay informed about emerging vulnerabilities and develop effective mitigation strategies.

In conclusion, SearchLeak highlights a critical blind spot in Microsoft 365 Copilot Enterprise Search. While Microsoft has mitigated the issue, tenants should remain vigilant and proactive in securing their data. As the cybersecurity landscape grows more complex, understanding and addressing vulnerabilities like SearchLeak will be paramount to protecting sensitive information.
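The monitoring guidance above (Copilot Search URLs with HTML or encoded payloads in the q parameter, and unusual outbound requests to Bing image endpoints) can be turned into a small log-triage check. The script below is an added example written for this page; it is not code from Varonis, Microsoft, or the article. Only the host m365.cloud.microsoft and the *.bing.com domain come from the page; the Copilot search path "/search", the Bing path fragment "/images/", the 64-character parameter threshold, the log line format and every sample line are constructed assumptions and should be replaced with values observed in your own proxy or gateway logs.

```python
"""Triage proxy-log lines for the two indicators the article recommends watching.

Added example, not the article's or any vendor's code. Assumptions are marked.
"""
import base64
import binascii
import re
from urllib.parse import parse_qs, unquote, urlsplit

COPILOT_HOST = "m365.cloud.microsoft"   # host named on the page
SEARCH_PATH = "/search"                 # ASSUMPTION: adjust to the real Copilot search path
BING_SUFFIX = ".bing.com"               # page: CSP treats *.bing.com specially
MAX_BING_PARAM = 64                     # ASSUMPTION: tunable "unusually long" threshold

# HTML tags or entities that should never appear in a search query
HTML_RE = re.compile(r"<\s*/?\s*[a-z][a-z0-9-]*|&lt;|&#x?[0-9a-f]+;", re.I)
# token that looks like standard or url-safe base64 (padding stripped before matching)
B64_RE = re.compile(r"^[A-Za-z0-9+/_-]{16,}$")


def decode_layers(value, max_rounds=3):
    """Return the value as received plus every successful decoding of it:
    repeated percent-decoding, then a base64 attempt on each layer."""
    layers = [value]
    for _ in range(max_rounds):
        nxt = unquote(layers[-1])
        if nxt == layers[-1]:
            break
        layers.append(nxt)
    for layer in list(layers):
        token = layer.strip().rstrip("=")
        if not B64_RE.match(token):
            continue
        try:
            raw = base64.b64decode(token + "=" * (-len(token) % 4),
                                   altchars=b"-_", validate=True)
        except (binascii.Error, ValueError):
            continue
        text = raw.decode("utf-8", "replace")
        # require mostly printable output so ordinary words that happen to be
        # valid base64 are not reported as encoded payloads
        if text and sum(c.isprintable() for c in text) / len(text) >= 0.9:
            layers.append(text)
    return layers


def analyze_url(url):
    """Return a sorted list of finding labels for one URL (empty = nothing flagged)."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    findings = set()
    if host == COPILOT_HOST and parts.path.startswith(SEARCH_PATH):
        for q in parse_qs(parts.query).get("q", []):
            layers = decode_layers(q)
            if any(HTML_RE.search(layer) for layer in layers):
                findings.add("html-in-q")
            if len(layers) > 1:          # something decoded into something else
                findings.add("encoded-q")
    elif host == "bing.com" or host.endswith(BING_SUFFIX):
        if "/images/" in parts.path:     # ASSUMPTION: image endpoints live under /images/
            for values in parse_qs(parts.query).values():
                if any(len(v) > MAX_BING_PARAM for v in values):
                    findings.add("bing-image-long-param")
    return sorted(findings)


def triage(lines):
    """Scan log lines of the form 'ts client method url status bytes' (constructed
    format) and return (line_no, url, findings) for every flagged line."""
    hits = []
    for n, line in enumerate(lines, 1):
        fields = line.split()
        if len(fields) < 4:
            continue
        findings = analyze_url(fields[3])
        if findings:
            hits.append((n, fields[3], findings))
    return hits


# Constructed sample: a harmless HTML fragment, base64-encoded, to stand in for an
# encoded payload. example.invalid is a reserved, non-routable name.
ENCODED_SAMPLE = base64.urlsafe_b64encode(
    b'<img src="https://example.invalid/x.png">').decode().rstrip("=")

LOG_LINES = [  # constructed sample log lines
    "2026-06-18T00:38:54Z 10.0.0.5 GET https://m365.cloud.microsoft/search?q=quarterly+revenue+summary 200 1423",
    "2026-06-18T00:39:02Z 10.0.0.7 GET https://m365.cloud.microsoft/search?q=%3Cimg+src%3D%22https%3A%2F%2Fexample.invalid%2Fx.png%22%3E 200 900",
    "2026-06-18T00:39:10Z 10.0.0.7 GET https://m365.cloud.microsoft/search?q=" + ENCODED_SAMPLE + " 200 910",
    "2026-06-18T00:39:15Z 10.0.0.9 GET https://m365.cloud.microsoft/search?q=%253Cb%253Ehi%253C%252Fb%253E 200 880",
    "2026-06-18T00:40:01Z 10.0.0.5 GET https://www.bing.com/images/search?q=cat+photos 200 5120",
    "2026-06-18T00:40:07Z 10.0.0.7 GET https://www.bing.com/images/search?q=" + "A" * 80 + " 200 300",
]

if __name__ == "__main__":
    for line_no, url, findings in triage(LOG_LINES):
        print(f"line {line_no}: {', '.join(findings)}  {url[:70]}")
```

Lines 2, 3, 4 and 6 of the sample are flagged; the plain queries on lines 1 and 5 are not. The base64 branch deliberately demands a mostly printable decoding, otherwise long single-word queries that happen to be valid base64 would generate noise; tune MAX_BING_PARAM and the path assumptions against a baseline of your own traffic before alerting on them.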
    Related Information:
  • https://www.ethicalhackingnews.com/articles/The-Critical-Vulnerability-in-Microsoft-365-Copilot-A-Threat-to-Enterprise-Security-ehn.shtml

  • https://thehackernews.com/2026/06/one-click-microsoft-365-copilot-flaw.html


Published: Thu Jun 18 00:38:54 2026 by llama3.2 3B Q4_K_M