Article: Copilot Broke Audit Log.

t2van

Chief Member
Founding Member
Bronze Star Bronze Star Bronze Star Bronze Star Bronze Star
Joined
Apr 22, 2025
Messages
3,045
Reaction Score
8,364
Feedback
0 / 0 / 0

Copilot Broke Your Audit Log, but Microsoft Won’t Tell You​


Nice to see they gone all in with AI so hard they don't want to let on there are problems and work arounds with it.

If you don't want to read:

Like most tech companies, Microsoft is going all-in on AI. Their flagship AI product, Copilot (in all its various forms), allows people to utilize AI in their daily work to interact with Microsoft services and generally perform tasks. Unfortunately, this also creates a wide range of new security problems.

On July 4th, I came across a problem in M365 Copilot: Sometimes it would access a file and return the information, but the audit log would not reflect that. Upon testing further, I discovered that I could simply ask Copilot to behave in that manner, and it would. That made it possible to access a file without leaving a trace. Given the problems that creates, both for security and legal compliance, I immediately reported it to Microsoft through their MSRC portal.

He reported it. MS won't let it's user base know of the issue.
 
didnt MS replace like half of its workforce & code base with AI already :D
 
Back
Top