{"id":23925,"date":"2025-09-04T10:00:00","date_gmt":"2025-09-04T08:00:00","guid":{"rendered":"https:\/\/defenderbox.de\/?p=23925"},"modified":"2026-03-11T17:57:49","modified_gmt":"2026-03-11T16:57:49","slug":"copilot-m365","status":"publish","type":"post","link":"https:\/\/defenderbox.de\/en\/copilot-m365\/","title":{"rendered":"Critical security vulnerability Copilot M365"},"content":{"rendered":"<div data-elementor-type=\"wp-post\" data-elementor-id=\"23925\" class=\"elementor elementor-23925\" data-elementor-post-type=\"post\">\n\t\t\t\t<div class=\"elementor-element elementor-element-bcd3eed e-con-full e-flex e-con e-parent\" data-id=\"bcd3eed\" data-element_type=\"container\" data-e-type=\"container\">\n\t\t\t\t<div class=\"elementor-element elementor-element-63b289cc elementor-widget elementor-widget-text-editor\" data-id=\"63b289cc\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t\t\t\t\t\t<h2>Companies should review their audit logs<\/h2>\n<p data-start=\"1258\" data-end=\"1550\">In Microsoft 365 Copilot, a new <span style=\"color: #800080;\">Critical security vulnerability<\/span> known. A simple trick allowed users, including potentially malicious insiders, to access sensitive files - without this access being recorded in the official audit logs.<\/p>\n<p data-start=\"1552\" data-end=\"1847\">The vulnerability has now been fixed, but Microsoft has not published a CVE and has not actively informed its customers. For many companies, this means that audit trails could be incomplete before August 18, 2025 - with serious consequences for <a href=\"https:\/\/defenderbox.de\/en\/product\/\">Security<\/a> and compliance.<\/p>\n<h3 data-start=\"2236\" data-end=\"2281\"><span style=\"color: #000000;\">What has happened so far - and why this is problematic<\/span><\/h3>\n<p data-start=\"1914\" data-end=\"2060\">On July 4, 2025, a security researcher from the technology company Pistachio discovered a vulnerability in Microsoft 365 Copilot:<\/p>\n<ul data-start=\"2061\" data-end=\"2345\">\n<li data-start=\"2061\" data-end=\"2162\">\n<p data-start=\"2063\" data-end=\"2162\">A simple command was used to prevent access to files from being logged.<\/p>\n<\/li>\n<li data-start=\"2163\" data-end=\"2272\">\n<p data-start=\"2165\" data-end=\"2272\">Audit protocols - actually essential for security and compliance - were bypassed as a result.<\/p>\n<\/li>\n<li data-start=\"2273\" data-end=\"2345\">\n<p data-start=\"2275\" data-end=\"2345\">Companies would run the risk of data leaks going unnoticed.<\/p>\n<\/li>\n<\/ul>\n<p data-start=\"2347\" data-end=\"2541\">This is a compliance risk for regulated industries such as financial services, healthcare or public administration, as complete audit trails are required by law.<\/p>\n<h4 data-start=\"3022\" data-end=\"3062\"><strong><span style=\"color: #000000;\">Microsoft's silent fix - and the criticism of it\u00a0<\/span><\/strong><\/h4>\n<p data-start=\"2601\" data-end=\"2726\">On <span style=\"color: #800080;\">August 17<\/span> In 2025, Microsoft played out a fix. But instead of creating transparency, the company decided to<\/p>\n<ul data-start=\"2727\" data-end=\"2843\">\n<li data-start=\"2727\" data-end=\"2766\">\n<p data-start=\"2729\" data-end=\"2766\"><span style=\"color: #800080;\">No CVE<\/span> for the weak point<\/p>\n<\/li>\n<li data-start=\"2767\" data-end=\"2805\">\n<p data-start=\"2769\" data-end=\"2805\"><span style=\"color: #800080;\">No active customer information<\/span><\/p>\n<\/li>\n<li data-start=\"2806\" data-end=\"2843\">\n<p data-start=\"2808\" data-end=\"2843\"><span style=\"color: #800080;\">No public announcement<\/span><\/p>\n<\/li>\n<\/ul>\n<p data-start=\"2845\" data-end=\"3153\"><a href=\"https:\/\/defenderbox.de\/en\/directors-and-officers-liability\/\">The problem<\/a>: <span style=\"color: #333333;\">Companies may not know that their audit logs may be incomplete until August 18. <\/span>Even more explosive: According to Michael Bargury (CTO Zenity), a similar security vulnerability was reported over a year ago - without it being fixed at the time.<\/p>\n<h4 data-start=\"3276\" data-end=\"3314\"><strong><span style=\"color: #000000;\">Risk for companies<\/span><\/strong><\/h4>\n<p data-start=\"2241\" data-end=\"2361\"><span style=\"color: #800080;\">Insider attacks remain invisible!<\/span><\/p>\n<p data-start=\"3221\" data-end=\"3315\">The vulnerability opens up new attack possibilities, especially for malicious insiders:<\/p>\n<ul data-start=\"3316\" data-end=\"3572\">\n<li data-start=\"3316\" data-end=\"3413\">\n<p data-start=\"3318\" data-end=\"3413\">Access sensitive files without alerting security or compliance teams<\/p>\n<\/li>\n<li data-start=\"3414\" data-end=\"3490\">\n<p data-start=\"3416\" data-end=\"3490\">Exfiltration of confidential data without forensic traceability<\/p>\n<\/li>\n<li data-start=\"3491\" data-end=\"3572\">\n<p data-start=\"3493\" data-end=\"3572\">Risk of incorrect safety analyses because logs can be incomplete<\/p>\n<\/li>\n<\/ul>\n<p data-start=\"3574\" data-end=\"3732\">Companies must assume that access may have taken place unnoticed - <span style=\"color: #333333;\">especially if Microsoft 365 Copilot is used intensively.<\/span><\/p>\n<h4 data-start=\"2241\" data-end=\"2361\"><span style=\"color: #000000;\"><strong>Recommendations for companies<\/strong><\/span><\/h4>\n<p data-start=\"3786\" data-end=\"3852\">To minimize the risks, companies should <span style=\"color: #333333;\">act now<\/span>:<\/p>\n<ol data-start=\"3854\" data-end=\"4303\">\n<li data-start=\"3854\" data-end=\"3945\">\n<p data-start=\"3857\" data-end=\"3886\">Check audit logs<\/p>\n<ul data-start=\"3890\" data-end=\"3945\">\n<li data-start=\"3890\" data-end=\"3945\">\n<p data-start=\"3892\" data-end=\"3945\">Check whether security-relevant accesses are missing<\/p>\n<\/li>\n<\/ul>\n<\/li>\n<li data-start=\"3946\" data-end=\"4077\">\n<p data-start=\"3949\" data-end=\"3988\">Actively addressing insider risks<\/p>\n<ul data-start=\"3992\" data-end=\"4077\">\n<li data-start=\"3992\" data-end=\"4077\">\n<p data-start=\"3994\" data-end=\"4077\">Implement monitoring systems that work independently of Microsoft's logging<\/p>\n<\/li>\n<\/ul>\n<\/li>\n<li data-start=\"4078\" data-end=\"4193\">\n<p data-start=\"4081\" data-end=\"4117\">Proactive security measures<\/p>\n<ul data-start=\"4121\" data-end=\"4193\">\n<li data-start=\"4121\" data-end=\"4193\">\n<p data-start=\"4123\" data-end=\"4193\">Detect security vulnerabilities early before attackers exploit them<\/p>\n<\/li>\n<\/ul>\n<\/li>\n<li data-start=\"4194\" data-end=\"4303\">\n<p data-start=\"4197\" data-end=\"4227\">Awareness and training<\/p>\n<ul data-start=\"4231\" data-end=\"4303\">\n<li data-start=\"4231\" data-end=\"4303\">\n<p data-start=\"4233\" data-end=\"4303\">Sensitize employees to AI risks and insider threats<\/p>\n<\/li>\n<\/ul>\n<\/li>\n<\/ol>\n<h4 data-start=\"4331\" data-end=\"4676\"><strong><span style=\"color: #000000;\">Conclusion\u00a0<\/span><\/strong><\/h4>\n<p data-start=\"4331\" data-end=\"4676\">The vulnerability in M365 Copilot has been fixed, but the way it was handled raises questions about Microsoft's transparency.<\/p>\n<p data-start=\"4331\" data-end=\"4676\">In times when AI is deeply integrated into business processes, companies must strengthen their own security strategy and not rely solely on the audit logs of a provider.<\/p>\n<p data-start=\"4678\" data-end=\"4875\">The <a href=\"https:\/\/defenderbox.de\/en\/right-questions\/\">DEFENDERBOX<\/a> helps to detect security vulnerabilities in real time, prevent data leaks and make insider activities visible independently of Microsoft's logging.<\/p>\n<p data-start=\"2965\" data-end=\"3021\">Proactive security strategies are crucial:<\/p>\n<ul data-start=\"3022\" data-end=\"3268\">\n<li data-start=\"3022\" data-end=\"3097\">\n<p data-start=\"3024\" data-end=\"3097\"><strong data-start=\"3024\" data-end=\"3063\">Early detection of security vulnerabilities<\/strong>before attackers take advantage of them.<\/p>\n<\/li>\n<li data-start=\"3098\" data-end=\"3198\">\n<p data-start=\"3100\" data-end=\"3198\"><a href=\"https:\/\/defenderbox.de\/en\/3-steps\/\">Continuous monitoring of accesses<\/a> - independent of the manufacturer's audit logs.<\/p>\n<\/li>\n<li data-start=\"3199\" data-end=\"3268\">\n<p data-start=\"3201\" data-end=\"3268\">Awareness training and <a href=\"https:\/\/defenderbox.de\/en\/phished\/\">Sensitization<\/a> for insider risks.<\/p>\n<\/li>\n<\/ul>\n<p data-start=\"3266\" data-end=\"3322\">\ud83d\udc49 Do you want to know how your IT security is doing? Find out now <a href=\"https:\/\/defenderbox.de\/en\/test-installation\/\">here<\/a> Start cyber check.\u00a0<\/p>\n<p data-start=\"3324\" data-end=\"3376\"><strong data-start=\"3324\" data-end=\"3376\">Stay vigilant - your IT will stay that way with us.\u00a0<\/strong><\/p>\n<div>\n<p style=\"font-weight: 400;\">\u27a1\ufe0f\u00a0<a href=\"https:\/\/defenderbox.de\/en\/test-installation\/\" target=\"_blank\" rel=\"noopener\">Test now<\/a><br \/>\u27a1\ufe0f <a href=\"https:\/\/defenderbox.de\/en\/partner\/\" target=\"_blank\" rel=\"noopener\">Become a partner<\/a><br \/>\u27a1\ufe0f\u00a0<a href=\"https:\/\/defenderbox.de\/en\/career\/\" target=\"_blank\" rel=\"noopener\">Career with us<\/a><\/p>\n<\/div>\n<!-- \/wp:image --><!-- wp:paragraph --><!-- \/wp:paragraph --><!-- wp:separator {\"className\":\"is-style-wide\",\"style\":{\"spacing\":{\"margin\":{\"top\":\"var:preset|spacing|x-small\",\"bottom\":\"var:preset|spacing|x-small\"}}},\"backgroundColor\":\"tertiary\"} --><!-- \/wp:column --><!-- \/wp:columns -->\n<p>\u00a0<\/p>\n<!-- \/wp:group -->\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>","protected":false},"excerpt":{"rendered":"<p>A significant security vulnerability was discovered in Microsoft's Copilot for M365, which allowed users to access sensitive files.<\/p>","protected":false},"author":3,"featured_media":23923,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[28],"tags":[41,39,38,40,72,74,37,36],"class_list":["post-23925","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-neues-auf-der-cyberfront","tag-cyberlage","tag-cybersecurity","tag-cybersicherheit","tag-hackerangriffe","tag-it-sicherheit","tag-pentest","tag-schwachstellen","tag-sicherheitsluecken"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.4 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Kritische Sicherheitsl\u00fccke Copilot M365 - DEFENDERBOX<\/title>\n<meta name=\"description\" content=\"DEFENDERBOX macht Cyberbedrohungen sichtbar, bevor sie zuschlagen. St\u00e4rken Sie die Resilienz Ihres Unternehmens gegen Hackerangriffe \u2013 \u00fcberall und jederzeit.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/defenderbox.de\/en\/copilot-m365\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Kritische Sicherheitsl\u00fccke Copilot M365 - DEFENDERBOX\" \/>\n<meta property=\"og:description\" content=\"DEFENDERBOX macht Cyberbedrohungen sichtbar, bevor sie zuschlagen. St\u00e4rken Sie die Resilienz Ihres Unternehmens gegen Hackerangriffe \u2013 \u00fcberall und jederzeit.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/defenderbox.de\/en\/copilot-m365\/\" \/>\n<meta property=\"og:site_name\" content=\"DEFENDERBOX\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/de.linkedin.com\/company\/defenderbox\" \/>\n<meta property=\"article:published_time\" content=\"2025-09-04T08:00:00+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2026-03-11T16:57:49+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/defenderbox.de\/wp-content\/uploads\/2025\/08\/ki-bild-erstellen.de-in-Microsoft-Copi.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1344\" \/>\n\t<meta property=\"og:image:height\" content=\"768\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Regine Heue\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Regine Heue\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/defenderbox.de\\\/copilot-m365\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/defenderbox.de\\\/copilot-m365\\\/\"},\"author\":{\"name\":\"Regine Heue\",\"@id\":\"https:\\\/\\\/defenderbox.de\\\/#\\\/schema\\\/person\\\/b83407c671731c92428913089813ab49\"},\"headline\":\"Kritische Sicherheitsl\u00fccke Copilot M365\",\"datePublished\":\"2025-09-04T08:00:00+00:00\",\"dateModified\":\"2026-03-11T16:57:49+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/defenderbox.de\\\/copilot-m365\\\/\"},\"wordCount\":499,\"publisher\":{\"@id\":\"https:\\\/\\\/defenderbox.de\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/defenderbox.de\\\/copilot-m365\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/defenderbox.de\\\/wp-content\\\/uploads\\\/2025\\\/08\\\/ki-bild-erstellen.de-in-Microsoft-Copi.jpg\",\"keywords\":[\"Cyberlage\",\"Cybersecurity\",\"Cybersicherheit\",\"Hackerangriffe\",\"IT-Sicherheit\",\"Pentest\",\"Schwachstellen\",\"Sicherheitsl\u00fccken\"],\"articleSection\":[\"News\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/defenderbox.de\\\/copilot-m365\\\/\",\"url\":\"https:\\\/\\\/defenderbox.de\\\/copilot-m365\\\/\",\"name\":\"Kritische Sicherheitsl\u00fccke Copilot M365 - DEFENDERBOX\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/defenderbox.de\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/defenderbox.de\\\/copilot-m365\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/defenderbox.de\\\/copilot-m365\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/defenderbox.de\\\/wp-content\\\/uploads\\\/2025\\\/08\\\/ki-bild-erstellen.de-in-Microsoft-Copi.jpg\",\"datePublished\":\"2025-09-04T08:00:00+00:00\",\"dateModified\":\"2026-03-11T16:57:49+00:00\",\"description\":\"DEFENDERBOX macht Cyberbedrohungen sichtbar, bevor sie zuschlagen. St\u00e4rken Sie die Resilienz Ihres Unternehmens gegen Hackerangriffe \u2013 \u00fcberall und jederzeit.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/defenderbox.de\\\/copilot-m365\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/defenderbox.de\\\/copilot-m365\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/defenderbox.de\\\/copilot-m365\\\/#primaryimage\",\"url\":\"https:\\\/\\\/defenderbox.de\\\/wp-content\\\/uploads\\\/2025\\\/08\\\/ki-bild-erstellen.de-in-Microsoft-Copi.jpg\",\"contentUrl\":\"https:\\\/\\\/defenderbox.de\\\/wp-content\\\/uploads\\\/2025\\\/08\\\/ki-bild-erstellen.de-in-Microsoft-Copi.jpg\",\"width\":1344,\"height\":768,\"caption\":\"In Microsofts M365 Copilot wurde eine Sicherheitsl\u00fccke entdeckt,\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/defenderbox.de\\\/copilot-m365\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Startseite\",\"item\":\"https:\\\/\\\/defenderbox.de\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Kritische Sicherheitsl\u00fccke Copilot M365\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/defenderbox.de\\\/#website\",\"url\":\"https:\\\/\\\/defenderbox.de\\\/\",\"name\":\"DEFENDERBOX\",\"description\":\"Cybersecurity at its best.\",\"publisher\":{\"@id\":\"https:\\\/\\\/defenderbox.de\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/defenderbox.de\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/defenderbox.de\\\/#organization\",\"name\":\"DEFENDERBOX\",\"url\":\"https:\\\/\\\/defenderbox.de\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/defenderbox.de\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/defenderbox.de\\\/wp-content\\\/uploads\\\/2024\\\/08\\\/cropped-Logo_Claim-400_116.png\",\"contentUrl\":\"https:\\\/\\\/defenderbox.de\\\/wp-content\\\/uploads\\\/2024\\\/08\\\/cropped-Logo_Claim-400_116.png\",\"width\":400,\"height\":110,\"caption\":\"DEFENDERBOX\"},\"image\":{\"@id\":\"https:\\\/\\\/defenderbox.de\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/de.linkedin.com\\\/company\\\/defenderbox\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/defenderbox.de\\\/#\\\/schema\\\/person\\\/b83407c671731c92428913089813ab49\",\"name\":\"Regine Heue\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/229aff465565b2ec40968fea9d60687f0298ac3de5d0c39eeb1b385e3b6eabaf?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/229aff465565b2ec40968fea9d60687f0298ac3de5d0c39eeb1b385e3b6eabaf?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/229aff465565b2ec40968fea9d60687f0298ac3de5d0c39eeb1b385e3b6eabaf?s=96&d=mm&r=g\",\"caption\":\"Regine Heue\"},\"sameAs\":[\"http:\\\/\\\/defenderbox.de\"],\"url\":\"https:\\\/\\\/defenderbox.de\\\/en\\\/author\\\/regine-heue\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Critical security vulnerability Copilot M365 - DEFENDERBOX","description":"DEFENDERBOX makes cyber threats visible before they strike. Strengthen your company's resilience against hacker attacks - anywhere and at any time.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/defenderbox.de\/en\/copilot-m365\/","og_locale":"en_US","og_type":"article","og_title":"Kritische Sicherheitsl\u00fccke Copilot M365 - DEFENDERBOX","og_description":"DEFENDERBOX macht Cyberbedrohungen sichtbar, bevor sie zuschlagen. St\u00e4rken Sie die Resilienz Ihres Unternehmens gegen Hackerangriffe \u2013 \u00fcberall und jederzeit.","og_url":"https:\/\/defenderbox.de\/en\/copilot-m365\/","og_site_name":"DEFENDERBOX","article_publisher":"https:\/\/de.linkedin.com\/company\/defenderbox","article_published_time":"2025-09-04T08:00:00+00:00","article_modified_time":"2026-03-11T16:57:49+00:00","og_image":[{"width":1344,"height":768,"url":"https:\/\/defenderbox.de\/wp-content\/uploads\/2025\/08\/ki-bild-erstellen.de-in-Microsoft-Copi.jpg","type":"image\/jpeg"}],"author":"Regine Heue","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Regine Heue","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/defenderbox.de\/copilot-m365\/#article","isPartOf":{"@id":"https:\/\/defenderbox.de\/copilot-m365\/"},"author":{"name":"Regine Heue","@id":"https:\/\/defenderbox.de\/#\/schema\/person\/b83407c671731c92428913089813ab49"},"headline":"Kritische Sicherheitsl\u00fccke Copilot M365","datePublished":"2025-09-04T08:00:00+00:00","dateModified":"2026-03-11T16:57:49+00:00","mainEntityOfPage":{"@id":"https:\/\/defenderbox.de\/copilot-m365\/"},"wordCount":499,"publisher":{"@id":"https:\/\/defenderbox.de\/#organization"},"image":{"@id":"https:\/\/defenderbox.de\/copilot-m365\/#primaryimage"},"thumbnailUrl":"https:\/\/defenderbox.de\/wp-content\/uploads\/2025\/08\/ki-bild-erstellen.de-in-Microsoft-Copi.jpg","keywords":["Cyberlage","Cybersecurity","Cybersicherheit","Hackerangriffe","IT-Sicherheit","Pentest","Schwachstellen","Sicherheitsl\u00fccken"],"articleSection":["News"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/defenderbox.de\/copilot-m365\/","url":"https:\/\/defenderbox.de\/copilot-m365\/","name":"Critical security vulnerability Copilot M365 - DEFENDERBOX","isPartOf":{"@id":"https:\/\/defenderbox.de\/#website"},"primaryImageOfPage":{"@id":"https:\/\/defenderbox.de\/copilot-m365\/#primaryimage"},"image":{"@id":"https:\/\/defenderbox.de\/copilot-m365\/#primaryimage"},"thumbnailUrl":"https:\/\/defenderbox.de\/wp-content\/uploads\/2025\/08\/ki-bild-erstellen.de-in-Microsoft-Copi.jpg","datePublished":"2025-09-04T08:00:00+00:00","dateModified":"2026-03-11T16:57:49+00:00","description":"DEFENDERBOX makes cyber threats visible before they strike. Strengthen your company's resilience against hacker attacks - anywhere and at any time.","breadcrumb":{"@id":"https:\/\/defenderbox.de\/copilot-m365\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/defenderbox.de\/copilot-m365\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/defenderbox.de\/copilot-m365\/#primaryimage","url":"https:\/\/defenderbox.de\/wp-content\/uploads\/2025\/08\/ki-bild-erstellen.de-in-Microsoft-Copi.jpg","contentUrl":"https:\/\/defenderbox.de\/wp-content\/uploads\/2025\/08\/ki-bild-erstellen.de-in-Microsoft-Copi.jpg","width":1344,"height":768,"caption":"In Microsofts M365 Copilot wurde eine Sicherheitsl\u00fccke entdeckt,"},{"@type":"BreadcrumbList","@id":"https:\/\/defenderbox.de\/copilot-m365\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Startseite","item":"https:\/\/defenderbox.de\/"},{"@type":"ListItem","position":2,"name":"Kritische Sicherheitsl\u00fccke Copilot M365"}]},{"@type":"WebSite","@id":"https:\/\/defenderbox.de\/#website","url":"https:\/\/defenderbox.de\/","name":"DEFENDERBOX","description":"Cybersecurity at its best.","publisher":{"@id":"https:\/\/defenderbox.de\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/defenderbox.de\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/defenderbox.de\/#organization","name":"DEFENDERBOX","url":"https:\/\/defenderbox.de\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/defenderbox.de\/#\/schema\/logo\/image\/","url":"https:\/\/defenderbox.de\/wp-content\/uploads\/2024\/08\/cropped-Logo_Claim-400_116.png","contentUrl":"https:\/\/defenderbox.de\/wp-content\/uploads\/2024\/08\/cropped-Logo_Claim-400_116.png","width":400,"height":110,"caption":"DEFENDERBOX"},"image":{"@id":"https:\/\/defenderbox.de\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/de.linkedin.com\/company\/defenderbox"]},{"@type":"Person","@id":"https:\/\/defenderbox.de\/#\/schema\/person\/b83407c671731c92428913089813ab49","name":"Regine Heue","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/229aff465565b2ec40968fea9d60687f0298ac3de5d0c39eeb1b385e3b6eabaf?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/229aff465565b2ec40968fea9d60687f0298ac3de5d0c39eeb1b385e3b6eabaf?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/229aff465565b2ec40968fea9d60687f0298ac3de5d0c39eeb1b385e3b6eabaf?s=96&d=mm&r=g","caption":"Regine Heue"},"sameAs":["http:\/\/defenderbox.de"],"url":"https:\/\/defenderbox.de\/en\/author\/regine-heue\/"}]}},"_links":{"self":[{"href":"https:\/\/defenderbox.de\/en\/wp-json\/wp\/v2\/posts\/23925","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/defenderbox.de\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/defenderbox.de\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/defenderbox.de\/en\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/defenderbox.de\/en\/wp-json\/wp\/v2\/comments?post=23925"}],"version-history":[{"count":3,"href":"https:\/\/defenderbox.de\/en\/wp-json\/wp\/v2\/posts\/23925\/revisions"}],"predecessor-version":[{"id":27184,"href":"https:\/\/defenderbox.de\/en\/wp-json\/wp\/v2\/posts\/23925\/revisions\/27184"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/defenderbox.de\/en\/wp-json\/wp\/v2\/media\/23923"}],"wp:attachment":[{"href":"https:\/\/defenderbox.de\/en\/wp-json\/wp\/v2\/media?parent=23925"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/defenderbox.de\/en\/wp-json\/wp\/v2\/categories?post=23925"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/defenderbox.de\/en\/wp-json\/wp\/v2\/tags?post=23925"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}