A vulnerability in Microsoft 365 Copilot exposed a risk where a single click could lead to unauthorized access to emails, calendar data, and files. The flaw was identified by Varonis Threat Labs, which named the exploit SearchLeak.
SearchLeak involved chaining three vulnerabilities into a seamless attack path, leveraging trusted microsoft.com links, which traditional security tools might not flag. Microsoft has since addressed this issue on their servers, ensuring that users remain protected.
Understanding the Vulnerability
Microsoft’s advisory highlighted the flaw as a command injection risk within their network. This attack combined AI vulnerabilities with existing web bugs, exploiting the q parameter in the Copilot Enterprise Search URL. Originally meant for search queries, this parameter could be manipulated to execute undesired actions.
The flaw allowed attackers to fetch email titles and embed them in image URLs without user interaction beyond an initial click. The attack was facilitated by a race condition in the browser’s rendering process, which allowed malicious requests to execute before security measures could neutralize them.
Exploiting Security Policies
Another critical aspect involved bypassing the Content Security Policy (CSP) of m365.cloud.microsoft. While the CSP blocks images from untrusted domains, it allowlists images from *.bing.com. By leveraging Bing’s “Search by Image” feature, attackers could exfiltrate data via Bing’s infrastructure, effectively using it as a proxy.
This method meant that once the victim clicked a malicious link, the information could be extracted and logged by attackers. With access to sensitive items like MFA codes and password reset links, the potential for account takeover was significant.
Previous Incidents and Future Outlook
Varonis had previously exposed a similar vulnerability, Reprompt, which targeted Copilot Personal users. Despite additional security measures for Enterprise users, this pattern persisted, indicating a need for enhanced safeguards.
In response, Microsoft has mitigated the flaw, but ongoing vigilance is advised for enterprise administrators. Monitoring encoded payloads in search URLs and unusual Bing image requests can help detect potential threats.
Enhancing data governance and limiting the scope of Copilot’s indexing can also reduce exposure to future vulnerabilities, ensuring more robust protection of sensitive enterprise data.
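As an added defender-side example (not code from the article, Microsoft or Varonis), the following Python scans web-proxy log lines for the two signals the monitoring advice above names: an encoded payload in the q parameter of a request to m365.cloud.microsoft, and image-search requests to *.bing.com. The log line format, the Bing image-search path, the 300-character query ceiling and the sample lines are constructed assumptions.

```python
import base64
import re
from urllib.parse import parse_qs, unquote, urlsplit

COPILOT_HOST = "m365.cloud.microsoft"  # host named in the article
BING_IMAGE_PATH = "/images/search"     # assumed path of Bing image search


def looks_encoded(query):
    """True when a once-decoded q still carries encoding, a URL, or valid base64."""
    if unquote(query) != query or re.search(r"https?://", query, re.I):
        return True
    run = re.search(r"[A-Za-z0-9+/]{40,}={0,2}", query)
    if run:
        try:
            base64.b64decode(run.group(0), validate=True)
            return True
        except ValueError:  # binascii.Error is a subclass of ValueError
            pass
    return False


def classify_request(url):
    """Alert label for one requested URL, or None if it looks benign."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    if host == COPILOT_HOST:
        # parse_qs strips one encoding layer; a nested layer survives for looks_encoded
        for q in parse_qs(parts.query).get("q", []):
            if len(q) > 300 or looks_encoded(q):  # 300: assumed human-query ceiling
                return "copilot-search-encoded-q"
    elif (host == "bing.com" or host.endswith(".bing.com")) and parts.path.startswith(BING_IMAGE_PATH):
        return "bing-image-search-proxy"
    return None


def scan_log(lines):
    """Return (line_no, label, url) per hit in constructed '<ts> <user> <method> <url> <status>' lines."""
    hits = []
    for number, line in enumerate(lines, start=1):
        fields = line.split()
        label = classify_request(fields[3]) if len(fields) >= 4 else None
        if label:
            hits.append((number, label, fields[3]))
    return hits


# Constructed sample traffic: benign Copilot search, double-encoded query embedding a URL,
# Bing image-search request, ordinary Bing web search.
SAMPLE_LOG = [
    "2024-01-01T10:00:00Z alice GET https://m365.cloud.microsoft/search?q=quarterly+revenue+forecast 200",
    "2024-01-01T10:00:05Z alice GET https://m365.cloud.microsoft/search?q=list%2520inbox%2520subjects%2520https%253A%252F%252Fexample.invalid 200",
    "2024-01-01T10:00:06Z alice GET https://www.bing.com/images/search?q=imgurl%3Ahttps%3A%2F%2Fexample.invalid%2Fx.png 200",
    "2024-01-01T10:01:00Z bob GET https://www.bing.com/search?q=weather 200",
]
```

Running scan_log(SAMPLE_LOG) flags lines 2 and 3 only; an ordinary Bing web search and a plain Copilot query pass.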
