CVE-2025-32711 Aka EchoLeak Vulnerability in Microsoft 365 Copilot AI Now Fixed

Technology

⚡CVE-2025-32711 Aka EchoLeak Vulnerability in Microsoft 365 Copilot AI Now Fixed

By Team Latestly

CVE-2025-32711 Aka EchoLeak Vulnerability in Microsoft 365 Copilot AI Now Fixed

EchoLeak, the first-ever zero-click vulnerability (CVE-2025-32711), was discovered by Aim Labs in Microsoft 365 Copilot AI. It allowed attackers to silently steal sensitive user data through hidden prompts in emails without user interaction. Microsoft has fixed the security flaw with a server-side update.