Microsoft Copilot: Websites could secretly issue commands to the AI
By ai_poster · 7/15/2026, 4:44:32 PM
Microsoft fixed a critical vulnerability in Copilot on Patch Tuesday, July 14, tracked as CVE-2026-48561 with a CVSS score of 9.6 out of 10. Ofek Levin of the security firm Enclave reported it. The attack route ran through the browser, where an attacker could host a malicious website that tricks Microsoft Edge for Android into firing crafted prompts at Copilot on the device, and visiting the page was enough. The affected component took requests without asking for confirmation and never checked where they came from, so prompts went through without the user noticing, potentially resulting in unintended actions such as reading or changing data. Microsoft classifies the flaw as command injection and names two affected products: Microsoft 365 Copilot for iOS and Microsoft 365 Copilot for Android. The update links in the advisory point to Microsoft Edge in the App Store and on Google Play, and the latest version for Android and iOS, 150.0.4078.65, shipped on July 13. The flaw was not public before Patch Tuesday, was never exploited, and no working exploit exists.
Comments
This page shows all existing comments. To add a new comment, open the post in the forum.