Microsoft has issued an emergency advisory for Copilot for Microsoft 365 enterprise customers after discovering a prompt injection vulnerability that could allow unauthorized data extraction from SharePoint and OneDrive through crafted document content.
Vulnerability Details
The flaw allows an attacker to embed hidden instructions in a shared document; when Copilot processes that document, the instructions can cause it to summarize and exfiltrate sensitive data from files the target user can access.
- CVE-2026-3891 rated High severity (CVSS 7.5)
- Affects all Copilot for M365 deployments with SharePoint integration enabled
- Attack requires only the ability to share a document with the target user
- No user interaction needed beyond normal Copilot usage on the poisoned document
Mitigation
Microsoft has deployed a server-side fix that adds input sanitization to Copilot's document processing pipeline. Enterprise admins are advised to audit Copilot activity logs for the past 30 days and review any external document sharing that occurred during the exposure window. The incident highlights growing concerns about AI assistant security in enterprise environments.
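A constructed triage helper for the audit step described above (added example, not Microsoft's code or tooling; the record schema, field names, tenant domain, dates and sample events are all assumptions): it takes exported sharing and Copilot-interaction records, keeps shares made by accounts outside the tenant during the exposure window, and flags Copilot interactions that processed one of those files.

```python
from datetime import datetime, timedelta

# Constructed sample records, NOT real Microsoft 365 audit-log output.
# Field names, dates and the tenant domain are assumptions for this example.
EXPOSURE_END = datetime(2026, 3, 15)            # assumed end of exposure window
EXPOSURE_START = EXPOSURE_END - timedelta(days=30)
TENANT_DOMAIN = "corp.example"                  # assumed home tenant domain

SHARING_EVENTS = [  # who shared which file with whom, and when
    {"time": "2026-02-20T09:15:00", "actor": "vendor@partner.example",
     "file_id": "doc-1001", "op": "SharingSet", "target": "alice@corp.example"},
    {"time": "2026-03-01T11:40:00", "actor": "bob@corp.example",
     "file_id": "doc-1002", "op": "SharingSet", "target": "alice@corp.example"},
    {"time": "2026-01-05T08:00:00", "actor": "old@outside.example",
     "file_id": "doc-1003", "op": "SharingSet", "target": "alice@corp.example"},
]
COPILOT_EVENTS = [  # Copilot interactions and the files they referenced
    {"time": "2026-02-21T10:02:00", "user": "alice@corp.example",
     "op": "CopilotInteraction", "resources": ["doc-1001", "doc-1002"]},
    {"time": "2026-03-02T14:30:00", "user": "alice@corp.example",
     "op": "CopilotInteraction", "resources": ["doc-1002"]},
    {"time": "2026-01-06T09:00:00", "user": "alice@corp.example",
     "op": "CopilotInteraction", "resources": ["doc-1003"]},
]

def is_external(actor, tenant_domain):
    """An actor is external when its address is not in the home tenant domain."""
    return not actor.lower().endswith("@" + tenant_domain.lower())

def externally_shared_files(sharing_events, start, end, tenant_domain):
    """Map file_id -> external sharer for shares made inside the exposure window."""
    shared = {}
    for ev in sharing_events:
        t = datetime.fromisoformat(ev["time"])
        if ev["op"] == "SharingSet" and start <= t <= end \
                and is_external(ev["actor"], tenant_domain):
            shared[ev["file_id"]] = ev["actor"]
    return shared

def flag_copilot_interactions(copilot_events, sharing_events, start, end, tenant_domain):
    """Return Copilot interactions in the window that touched an externally shared file."""
    shared = externally_shared_files(sharing_events, start, end, tenant_domain)
    findings = []
    for ev in copilot_events:
        t = datetime.fromisoformat(ev["time"])
        if ev["op"] != "CopilotInteraction" or not (start <= t <= end):
            continue  # outside the audit window or not a Copilot record
        hits = [(f, shared[f]) for f in ev["resources"] if f in shared]
        if hits:  # Copilot processed a document shared in by an outside account
            findings.append({"time": ev["time"], "user": ev["user"], "files": hits})
    return findings
```

Each finding names the user, the time, and the externally shared file Copilot processed, which is the set of interactions worth reviewing first.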