<div id="readability-page-1"><div><div>A critical security flaw was discovered in Microsoft MSFT 365 Copilot, an AI tool integrated into various Microsoft Office applications. This vulnerability could potentially lead to attacks on sensitive data.What Happened: The security flaw in Microsoft 365 Copilot was identified by AI security startup Aim Security. This flaw, named “EchoLeak,” could be exploited by hackers to access sensitive information without the need for user interaction.With Microsoft 365 Copilot, an attacker could launch an attack merely by sending an email to a user—no phishing or malware required. This could potentially expose confidential and proprietary data. Adir Gruss, co-founder and CTO of Aim Security, told Fortune that the EchoLeak flaw is not just a regular security bug. It can have broader implications that extend beyond Copilot, rooted in a fundamental design flaw inherent to LLM-based AI agents.Gruss stated that if he led a company working with AI agents, he would be ‘terrified’. He also attributed security flaws as the reason behind fewer companies adopting AI agents. &#34;They're just experimenting, and they're super afraid.&#34;Microsoft told Fortune that it has resolved the issue upon notification, and no customers were affected. However, Gruss said that the Satya Nadella-led company took five months to address the issue. Gruss stated that a lasting solution will necessitate a complete rethinking of how AI agents are designed.Why It Matters: The discovery of this security flaw raises concerns about the potential risks associated with AI agents. This incident highlights the need for robust security measures to protect sensitive data from such vulnerabilities.Today's Best Finance DealsEarlier this year, Microsoft CEO Satya Nadella had introduced a new tool that allows anyone to create AI agents that can perform tasks on desktop and web applications. This recent security flaw in the Copilot AI tool underscores the importance of ensuring the security of AI agents.Meanwhile, tech giant Google GOOGL GOOG has been deploying its on-device AI model to detect and block fraudulent websites in real-time, significantly expanding its security capabilities. This proactive approach to AI security could serve as a model for other companies looking to enhance the security of their AI systems.According to Benzinga Edge Stock Rankings, Microsoft has a growth score of 90.75% and a quality rating of 63.33%. Click here to see how it compares to other leading tech companies.On a year-to-date basis, Microsoft stock surged 12.9%.<ul> <li>READ MORE: Sundar Pichai Says He Gets Frustrated, Angry, But Realized Losing His Temper Doesn’t Lead To Productivity Because Sometimes ‘Silence Can Deliver’ More: Here’s What He Learned Because Of Soccer</li> </ul>Image via Shutterstock</div></div></div>

MSFT

MSFL

MSFO

MSFD

MSFU

MSFX

MSFY

A critical security flaw named "EchoLeak" was discovered in Microsoft 365 Copilot, allowing hackers to access sensitive data without user interaction. Identified by AI startup Aim Security, the flaw took Microsoft five months to fix, raising concerns about AI security. Microsoft stated no customers were affected, but the incident highlights the need for improved security measures in AI design. Meanwhile, Google is enhancing its AI security capabilities. Microsoft stock has surged 12.9% year-to-date, reflecting strong growth despite security concerns.

- A critical security flaw named “EchoLeak” was discovered in Microsoft 365 Copilot, allowing hackers to access sensitive data without user interaction.  
- Identified by Aim Security, the flaw raises concerns about the security of AI agents and highlights the need for robust protective measures.  
- Microsoft has resolved the issue, but experts warn that a fundamental redesign of AI agents is necessary to prevent similar vulnerabilities in the future.  

Benzinga

Microsoft

GraniteShares 2x Long MSFT Daily ETF

YieldMax MSFT Option Income Strategy ETF

Direxion Daily MSFT Bear 1x Shares

Direxion Daily MSFT Bull 2X Shares

T-Rex 2X Long Microsoft Daily Target ETF

Kurv Yield Premium Strategy Microsoft MSFT ETF

Alphabet - C

Alphabet

Hackers Could Steal Data From Microsoft 365 Copilot Without Phishing Or Malware, Says AI Startup — 'EchoLeak' Flaw Took 5 Months To Fix