Researchers have uncovered a new attack method called Reprompt that exploits Microsoft Copilot to exfiltrate user data via a malicious link. This attack bypasses data leak protections and enables ongoing data extraction even after the AI chat session ends.
Key points
- The Reprompt attack uses a parameter injection technique to trick Microsoft Copilot into executing malicious prompts.
- It exploits the ‘q’ parameter in URLs so that unauthorized actions are triggered when a user clicks the link.
- The attack can bypass initial data protections by repeatedly requesting URLs with sensitive information.
- Chain requests allow continuous, undetectable data exfiltration through user sessions.
- Microsoft has fixed the vulnerability, and enterprise users are not affected by the flaw.
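For defenders who want to hunt for this link pattern in proxy or mail logs, the following is an added triage sketch, not code from the researchers or from Microsoft. It flags links that carry a prefilled ‘q’ prompt; the watched hostname, the length threshold and the sample log lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

ASSISTANT_HOSTS = {"copilot.microsoft.com"}  # assumption: hosts to watch
PROMPT_PARAM = "q"      # the parameter named in the key points
MAX_PROMPT_LEN = 120    # assumed review threshold, tune locally
LINK_RE = re.compile(r"https?://[^\s\"'<>]+", re.I)
EMBEDDED_URL_RE = re.compile(r"https?://", re.I)

def fully_decode(value, rounds=3):
    """Undo nested percent-encoding so an encoded URL cannot hide in the prompt."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def review_link(link):
    """Return the reasons a link deserves analyst review (empty list = none)."""
    parts = urlsplit(link)
    if (parts.hostname or "").lower() not in ASSISTANT_HOSTS:
        return []
    reasons = []
    for raw in parse_qs(parts.query, keep_blank_values=True).get(PROMPT_PARAM, []):
        prompt = fully_decode(raw)
        reasons.append("prefilled prompt")
        if len(prompt) > MAX_PROMPT_LEN:
            reasons.append("long prompt")
        if EMBEDDED_URL_RE.search(prompt):
            reasons.append("prompt embeds a URL")
    return reasons

def scan(lines):
    """Return (link, reasons) for every flagged link found in log or mail text."""
    links = (link for line in lines for link in LINK_RE.findall(line))
    return [(link, review_link(link)) for link in links if review_link(link)]

# Constructed sample lines (not real traffic).
SAMPLE = [
    "2025-01-01T10:00:00Z GET https://copilot.microsoft.com/ 200",
    "2025-01-01T10:01:00Z GET https://copilot.microsoft.com/?q=weather+today 200",
    "2025-01-01T10:02:00Z GET https://copilot.microsoft.com/?q=open%20https%253A%252F%252Fexample.invalid%252Fnext 200",
    "2025-01-01T10:03:00Z GET https://example.invalid/?q=https://example.invalid 200",
]

if __name__ == "__main__":
    for link, reasons in scan(SAMPLE):
        print(link, "->", ", ".join(reasons))
```

A prefilled prompt on its own is common in legitimate shared links, so treat the output as a review queue and weight the "long prompt" and "prompt embeds a URL" reasons more heavily.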
Read More: https://www.securityweek.com/new-reprompt-attack-silently-siphons-microsoft-copilot-data/