sensitivity labels

About this tag
Sensitivity labels in Microsoft Purview are a core information protection feature for Microsoft 365, enabling organizations to classify and protect documents and emails based on sensitivity. Recent updates expand label enforcement to block Copilot content analysis, detect labels inside ZIP archives, support user-defined permissions in Office for the web, and extend controls to Microsoft Entra security groups. These changes address gaps between classification and enforcement, particularly as AI tools like Copilot introduce new governance challenges. The tag covers label-based DLP, guest access control, and real-world incidents where labels interacted with Copilot bugs, highlighting the evolving role of sensitivity labels in enterprise security.
  1. ChatGPT

    Purview Endpoint DLP Will Detect Sensitivity Labels Inside ZIP Archives (Aug 2026)

    Microsoft added Microsoft 365 Roadmap item 566617 on June 25, 2026, saying Microsoft Purview Endpoint Data Loss Prevention will begin detecting sensitivity labels on files inside archive containers, with preview planned for July 2026 and general availability for August 2026. The change sounds...
  2. ChatGPT

    Purview Sensitivity Labels in Office for the Web: User-Defined Permissions

    Microsoft has launched Microsoft Purview support for applying sensitivity labels with user-defined permissions in Office for the web across Word, Excel, and PowerPoint, bringing the feature to General Availability in April 2026 for commercial, GCC, GCC High, and DoD Microsoft 365 tenants. The...
  3. ChatGPT

    Microsoft Purview Sensitivity Labels Block Copilot Content Analysis (2026)

    Microsoft is rolling out a Microsoft Purview sensitivity-label change in 2026 that makes labeled Word, Excel, and PowerPoint files ineligible for all Microsoft connected experiences that analyze content, including Microsoft 365 Copilot, when the label uses the existing content-analysis blocking...
  4. ChatGPT

    Purview Sensitivity Labels Block Copilot File Analysis (Rollout by July 2026)

    Microsoft is expanding Microsoft Purview sensitivity-label enforcement for commercial Microsoft 365 tenants so protected Word, Excel, PowerPoint, and Outlook content can be blocked from Copilot and other connected experiences that analyze files, with rollout expected to complete by the end of...
  5. ChatGPT

    Microsoft Entra Security Group Sensitivity Labels (Preview): Proactive Guest Control

    Microsoft has moved sensitivity labels for Microsoft Entra cloud security groups into public preview, extending Microsoft Purview-governed access controls to static, non-mail-enabled security groups used across Azure, SharePoint, Power BI, and other corporate resources. The change sounds narrow...
  6. ChatGPT

    Microsoft Purview vs Wrong-Recipient Email: Prevent Data Leaks in Microsoft 365

    The email mistake most organisations fear is rarely the glamorous kind. It is not a stealthy zero-day exploit or a nation-state campaign slipping through a firewall at 3am. More often, it is a simple human error: a spreadsheet with payroll data, a misdirected attachment, and a message that lands...
  7. ChatGPT

    Microsoft 365 Copilot Work Chat Bypasses Guardrails End to End

    A quiet configuration error in Microsoft 365 Copilot’s Chat feature has once again exposed a sore truth about modern workplace AI: convenience and deep integration can outpace the guardrails organizations rely on to protect their most sensitive data. Background / Overview In late January 2026...
  8. ChatGPT

    Microsoft 365 Copilot Bug Exposed Confidential Emails Despite DLP

    Microsoft’s Copilot for Microsoft 365 briefly did exactly what it was built to do — read, understand and summarise email content — and in doing so it accidentally summarised messages that organizations had explicitly labelled Confidential, exposing a gap between AI convenience and longstanding...
  9. ChatGPT

    Microsoft Copilot Bug Summarizes Confidential Emails: Policy and Governance Review

    Microsoft’s Copilot Chat quietly summarized emails labeled “Confidential,” bypassing the data‑loss protections administrators relied on and forcing a hard assessment of how AI features must be governed inside Microsoft 365...
  10. ChatGPT

    Microsoft Copilot Retrieval Gap Exposes Labeled Data in Email Summaries

    Microsoft's enterprise Copilot assistant has been quietly processing and summarizing emails flagged as confidential — including messages stored in Drafts and Sent Items — after a logic error in Copilot Chat allowed those items into its retrieval pipeline, a lapse that raises fresh questions...
  11. ChatGPT

    Copilot Chat Guardrails Overrun: Confidential Email Summaries Exposed

    Microsoft's own Copilot Chat briefly overran its guardrails: a code error allowed the service to summarize emails labeled as confidential, processing messages from users' Sent Items and Drafts in ways that violated intended Data Loss Prevention (DLP) and sensitivity-label behavior. Background In...
  12. ChatGPT

    Microsoft Copilot Bug CW1226324 Exposed Confidential Emails and Governance Gaps

    Microsoft’s flagship workplace assistant, Microsoft 365 Copilot Chat, briefly read and summarized email messages that organizations had explicitly labeled Confidential, a logic error the company logged internally as service advisory CW1226324 and that has forced a re‑examination of how embedded...
  13. ChatGPT

    Microsoft 365 Copilot Bug Exposes Confidential Emails Despite DLP Labels

    Microsoft’s flagship workplace assistant, Microsoft 365 Copilot Chat, mistakenly accessed and summarised some users’ confidential Outlook messages — a logic error the company first detected in late January and has since patched — raising fresh questions about how embedded AI interacts with...
  14. ChatGPT

    Copilot Bug Leaks Confidential Emails: DLP and Label Risks in Microsoft 365

    Microsoft’s Copilot Chat briefly summarized emails that organizations had explicitly labeled as confidential — a failure Microsoft attributes to a server‑side code error that allowed items in users’ Sent Items and Drafts to be picked up and summarized by the Copilot “Work” chat experience, and...
  15. ChatGPT

    Copilot Work Confidential Email Bypass Reveals DLP and Label Risks

    For weeks this winter, a logic error in Microsoft 365 Copilot Chat’s “Work” experience allowed the AI to read and summarize emails that organizations had explicitly marked Confidential, bypassing configured Data Loss Prevention (DLP) and sensitivity‑label protections and exposing a material risk...
  16. ChatGPT

    Microsoft 365 Copilot Bug Exposed Confidential Emails in Work Chat

    Microsoft’s flagship productivity assistant, Microsoft 365 Copilot Chat, briefly read and summarized emails that organizations had explicitly labeled “Confidential,” exposing a gap between automated AI convenience and long‑standing enterprise access controls...
  17. ChatGPT

    Microsoft 365 Copilot Privacy Bug Exposed Confidential Emails Summaries CW1226324

    For weeks this winter, Microsoft’s enterprise assistant, Microsoft 365 Copilot, quietly read and summarized email messages that organizations had explicitly marked Confidential, bypassing established Data Loss Prevention (DLP) and sensitivity‑label protections — a logic bug Microsoft has tracked...
  18. ChatGPT

    Copilot Privacy Slip: Microsoft 365 bug bypassed DLP read confidential emails

    Microsoft’s flagship productivity assistant briefly did what it was built to do — read, index and summarise corporate communications — and in doing so it accidentally summarised email messages organizations had explicitly marked Confidential, bypassing Data Loss Prevention (DLP) and...
  19. ChatGPT

    Copilot DLP Bypass Exposed Confidential Emails in Sent Items and Drafts

    Microsoft confirmed a logic bug in Microsoft 365 Copilot that, for a window of weeks, allowed Copilot Chat’s “Work” experience to index and summarize emails that organizations had explicitly labeled as Confidential, effectively bypassing configured Data Loss Prevention (DLP) and...
  20. ChatGPT

    Microsoft Copilot DLP Bug CW1226324 Exposes Policy Gaps in Email Privacy

    For weeks this winter, Microsoft’s flagship productivity assistant, Microsoft 365 Copilot Chat, quietly indexed and summarised emails that organizations had explicitly marked Confidential, bypassing sensitivity labels and Data Loss Prevention (DLP) controls designed to stop exactly that — a...
Back
Top