38 votes

Copilot broke your audit log, but Microsoft won’t tell you

Posted by xk3
Tags: security, search, artificial intelligence, microsoft, copilot, logs.audit, vulnerabilities, author.zack korman, source.pistachioapp
https://pistachioapp.com/blog/copilot-broke-your-audit-log

Link information

This data is scraped automatically and may be incorrect.

Authors
Zack Korman
Word count
1191 words

4 comments

  1. [4]
    TheD00d
    Link
    Maybe our tenant is configured poorly, or correctly, but if I wanted Copilot to access some data (for example sharepoint) I would still have to provide Copilot with local copy of the data. Even...

    Maybe our tenant is configured poorly, or correctly, but if I wanted Copilot to access some data (for example sharepoint) I would still have to provide Copilot with local copy of the data. Even when I run the Copilot chat from our SharePoint site. If that is the case, could you just not limit Copilot to local files only and not anything in your M365 tenant?

    5 votes
    1. [3]
      Bwerf
      Link Parent
      The issue here is not that its accessing forbidden data, the issue is that it didn't log the access to allowed data and Microsoft is not informing their users about this serious bug. Limiting...

      The issue here is not that its accessing forbidden data, the issue is that it didn't log the access to allowed data and Microsoft is not informing their users about this serious bug. Limiting access wouldnt be helpful.

      15 votes
      1. [2]
        TheD00d
        Link Parent
        I'm aware of what the issue was. I was attempting to repeat the findings to actually validate. That's where I was struggling and asked lol Leave it to MS to not have adequate auditing for a tool.

        I'm aware of what the issue was. I was attempting to repeat the findings to actually validate. That's where I was struggling and asked lol

        Leave it to MS to not have adequate auditing for a tool.

        1 vote