The Brief · Security · June 25, 2026

A one-click Copilot flaw, and nothing you could do about it

On June 15, 2026, researchers disclosed a one-click flaw in Microsoft 365 Copilot (CVE-2026-42824): a single click on a legitimate-looking microsoft.com link could let an attacker silently pull a victim’s emails, files, calendar entries and even MFA codes out of Copilot Enterprise.

The part that matters for everyone else is where the failure lived: server-side, inside a managed cloud service. As the reporting noted, tenant admins “cannot patch or reconfigure the parts that failed.” Every affected company could do exactly one thing: wait for Microsoft to fix its own backend.

The Stavryn take
  • When the AI runs in someone else’s cloud, their bug is your breach — and their patch timeline is your patch timeline. You can’t fix what you don’t run.
  • A model on hardware you own has no vendor backend that can fail outside your control, and no shared multi-tenant runtime for a crafted prompt to tunnel data out of.

Reported by The Hacker News, corroborated by BleepingComputer. See our security posture and the private alternative.