Microsoft disclosed a serious security flaw in its Office software, labeled CVE-2024-38200, which could allow hackers to access confidential data. Discovered by researchers Jim Rush and Metin ...

Microsoft unveils potentially serious Office security flaw — but you probably should be safe. Story by Sead Fadilpaši ... Office LTSC 2021, and Microsoft 365 Apps for Enterprise.

Security researchers uncovered “EchoLeak,” a zero-click flaw in Microsoft 365 Copilot, exposing sensitive data without user action. Microsoft has mitigated the vulnerability.

The vulnerability, called “EchoLeak,” lets attackers “automatically exfiltrate sensitive and proprietary information” from Microsoft 365 Copilot without knowledge of the user, according to findings ...

Microsoft 365 Copilot, the AI tool built into Microsoft Office workplace applications including Word, Excel, Outlook, PowerPoint, and Teams, harbored a critical security flaw that, according to ...

Also, Microsoft noted that there's no evidence of any real-world exploitation, so this flaw impacted no customers. Microsoft 365 Copilot is an AI assistant built into Office apps like Word, Excel ...

Microsoft has disclosed a high-severity vulnerability affecting Office 2016 that could expose NTLM hashes to a remote attacker. Tracked as CVE-2024-38200, this security flaw is caused by an ...

The “EchoLeak,” as the security flaw is known, is the first known AI security vulnerability that doesn’t require users to ...

A vulnerability in Microsoft 365 Copilot that allowed attackers to steal users’ sensitive information has been disclosed by a cybersecurity researcher. Johann Rehberger, who discovered the flaw, ...

Patch Tuesday: Microsoft Patches 68 Security Flaws, Including One for Targeted Espionage Your email has been sent WebDAV flaw actively exploited for targeted espionage Proof-of-concept exploit for ...

March's security update has also addressed an active security bypass issue in the Microsoft Management Console (CVE-2025-26633). Alone, this flaw won't do much damage.