Microsoft’s push to weave Copilot into the fabric of Microsoft 365 has hit a trust-defining snag: for months, under specific prompting conditions, the AI assistant’s access to source documents could be absent from Microsoft 365 audit logs, leaving security teams with empty entries where...
ai auditability
ai observability
audit logs
audit parity
cloud security
compliance
copilot
cvepolicy
data governance
data labeling
incident response
insider risk
microsoft 365
security
zero trust
Microsoft quietly patched a vulnerability in Microsoft 365 Copilot that allowed the assistant to read and summarize enterprise files without producing the expected Purview audit entry — a gap that, if exploited, could let insiders or attackers extract sensitive data while leaving no trace in...