• Microsoft says a Microsoft 365 Copilot bug has been causing the AI assistant to summarize confidential emails since late January, bypassing data loss prevention (DLP) policies that organizations rely on to protect sensitive information. • According to a service alert seen by BleepingComputer, this bug (tracked under CW1226324 and first detected on January 21) affects the Copilot “work tab” chat feature, which incorrectly reads and summarizes emails stored in users’ Sent Items and Drafts folders, including messages that carry confidentiality labels explicitly designed to restrict access by automated tools. • Copilot Chat (short for Microsoft 365 Copilot Chat) is the company’s AI-powered, content-aware chat that lets users interact with AI agents. • Microsoft began rolling out Copilot Chat to Word, Excel, PowerPoint, Outlook, and OneNote for paying Microsoft 365 business customers in September 2025. • “Users’ email messages with a confidential label applied are being incorrectly processed by Microsoft 365 Copilot chat,” Microsoft said when it confirmed this issue. • “The Microsoft 365 Copilot ‘work tab’ Chat is summarizing email messages even though these email messages have a sensitivity label applied and a DLP policy is configured.” Microsoft has since confirmed that an unspecified code error is responsible and said it began rolling out a fix in early February.
Article Summaries:
- Microsoft says a Microsoft 365 Copilot bug has been causing the AI assistant to summarize confidential emails since late January, bypassing data loss prevention (DLP) policies that organizations rely on to protect sensitive information. According to a service alert seen by BleepingComputer, this bug (tracked under CW1226324 and first detected on January 21) affects the Copilot “work tab” chat feature, which incorrectly reads and summarizes emails stored in users’ Sent Items and Drafts folders, including messages that carry confidentiality labels explicitly designed to restrict access by automa
Sources: