Security researchers have uncovered a critical vulnerability in Microsoft's AI-powered Copilot Enterprise Search that could have allowed attackers to exfiltrate sensitive corporate data with just a single click. The discovery highlights the emerging security challenges organizations face as they increasingly integrate AI assistants into their daily operations, potentially creating new attack surfaces that bypass traditional defenses.
The vulnerability, dubbed "SearchLeak" by researchers at Varonis Threat Labs, was the result of chaining three separate security flaws within Microsoft 365 Copilot. Attackers could have exploited this weakness by tricking users into clicking on a specially crafted link that appeared legitimate because it pointed to an actual microsoft.com domain. Once clicked, the link would have enabled unauthorized access to emails, calendar information, and files indexed by the Copilot search functionality.
This vulnerability is particularly concerning because it leveraged the trust that security systems place in Microsoft's own domains. Traditional anti-phishing measures and URL filtering tools are designed to block suspicious domains, but they typically whitelist microsoft.com and other official Microsoft domains. As a result, a malicious link hosted on a trusted Microsoft domain could bypass these security controls while still appearing legitimate to both automated defenses and end users, since domain-based allowlisting does not inspect what the link actually does once followed.
Organizations using Microsoft 365 Copilot Enterprise Search were the primary entities at risk, though Microsoft has reportedly patched the vulnerability after being notified by the researchers. The potential exposure included corporate emails, sensitive calendar appointments, and any documents