You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
enterprise risk management
About this tag
Enterprise risk management on WindowsForum.com covers data governance failures in Microsoft 365 Copilot, such as the CW1226324 incident where a logic error allowed Copilot to bypass Data Loss Prevention (DLP) controls and process confidential emails. Discussions focus on how such vulnerabilities undermine enterprise data governance, the implications for compliance, and the need for robust risk management strategies in enterprise IT environments. The tag highlights real-world examples of security gaps in Microsoft's AI tools and the importance of monitoring and mitigating risks in enterprise software deployments.
Microsoft’s flagship productivity AI for Microsoft 365 has a glaring privacy problem: for weeks a code error allowed Copilot Chat to read and summarize emails that organizations had explicitly labelled as confidential, bypassing Data Loss Prevention (DLP) controls and undermining a core tenant...
Microsoft’s own service advisory confirms that a logic error in Microsoft 365 Copilot allowed the assistant to process and summarize email messages labeled “Confidential” in users’ Sent Items and Drafts folders — and that the company began rolling a server-side fix in early February 2026...