Microsoft Copilot Agent Security Flaw Exposes Sensitive AI Operations

August 25, 2025 • Divya • 2 minutes
Tags: Cybersecurity, Microsoft, AI

Microsoft reveals a critical flaw in Copilot agent policies, allowing unauthorized access to sensitive AI operations across organizations.

Microsoft has disclosed a critical flaw in its Copilot agents’ governance framework, allowing any authenticated user to access and interact with AI agents within an organization—bypassing policy controls and exposing sensitive operations to unauthorized actors.

The Flaw Explained

  • Policy Enforcement Failure: Copilot Agent Policies are not enforced when users enumerate and invoke AI agents via Graph API endpoints.
  • Admin Center vs. Graph API: While the Microsoft 365 admin center correctly hides restricted agents, the Graph API exposes all agents, including those marked "private" or limited to privileged roles.
  • Exploit Details: Unauthorized users can retrieve agent identifiers, metadata, and endpoints with a simple GET request to https://graph.microsoft.com/beta/ai/agents/ and invoke agents without policy checks.

Impact and Risks

  • Zero-Trust Compromised: The flaw undermines Microsoft’s zero-trust posture, exposing sensitive workflows like privileged credential rotation and executive briefing generation to all users.
  • Severity: Tracked as CVE-2025-XXXX, the flaw carries a CVSS 3.1 score of 9.1 (Critical).

Microsoft’s Response

  • Swift Remediation: Microsoft patched the policy enforcement middleware in August 2025 and notified customers via the Microsoft 365 Message Center.
  • Engineer’s Admission: A Microsoft engineer confirmed the oversight, stating, "We thought tenant administrators had exclusive visibility into their AI agents, but the enforcement plane in Graph was wide open."

Recommendations for Organizations

  1. Audit Graph API Permissions: Restrict unnecessary access to AI-related endpoints.
  2. Implement Conditional Access: Require multi-factor authentication and device compliance for Graph API usage.
  3. Monitor Agent Activity: Set up SIEM alerts for unusual agent calls or off-hours access.
  4. Review Agent Catalog: Delete unused agents to reduce the attack surface.
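
One way to implement recommendation 3, as an added example that is not from the original article or from Microsoft: a triage pass over exported Graph request records that flags calls to the agent endpoint named above when the caller is not on an allowlist or the call falls outside working hours. The allowlist, the working hours, the record field names, and every sample record are assumptions constructed for illustration, and timestamps are assumed to already be in local time.

```python
import json
from datetime import datetime
from urllib.parse import urlparse

AGENT_PATH = "/beta/ai/agents"    # endpoint path named in the article
APPROVED_USERS = {"u-admin-01"}   # hypothetical allowlist of agent administrators
BUSINESS_HOURS = range(8, 18)     # assumed working hours (08:00-17:59, local time)

# Constructed sample export, one JSON record per line. Field names are an
# assumption modeled on Graph activity log exports; all values are made up.
SAMPLE_LOG = """\
{"TimeGenerated":"2025-08-20T10:15:00","UserId":"u-admin-01","RequestMethod":"GET","RequestUri":"https://graph.microsoft.com/beta/ai/agents/"}
{"TimeGenerated":"2025-08-20T10:20:00","UserId":"u-sales-17","RequestMethod":"GET","RequestUri":"https://graph.microsoft.com/beta/ai/agents/"}
{"TimeGenerated":"2025-08-21T02:40:00","UserId":"u-admin-01","RequestMethod":"POST","RequestUri":"https://graph.microsoft.com/beta/ai/agents/EXAMPLE-AGENT-ID"}
{"TimeGenerated":"2025-08-21T23:05:00","UserId":"u-sales-17","RequestMethod":"GET","RequestUri":"https://graph.microsoft.com/beta/ai/agents/EXAMPLE-AGENT-ID"}
{"TimeGenerated":"2025-08-21T11:00:00","UserId":"u-sales-17","RequestMethod":"GET","RequestUri":"https://graph.microsoft.com/v1.0/me/messages"}
truncated-line-not-json
"""


def is_agent_request(uri):
    """True only for the agent collection or a resource beneath it."""
    parsed = urlparse(uri)
    path = parsed.path.lower().rstrip("/")
    return parsed.hostname == "graph.microsoft.com" and (
        path == AGENT_PATH or path.startswith(AGENT_PATH + "/"))


def triage(lines):
    """Return (user, method, uri, reasons) for each suspicious agent call."""
    alerts = []
    for line in lines:
        try:
            rec = json.loads(line)
            when = datetime.fromisoformat(rec["TimeGenerated"])
            uri = rec["RequestUri"]
        except (ValueError, KeyError, TypeError):
            continue  # skip blank, malformed or incomplete records
        if not is_agent_request(uri):
            continue
        reasons = []
        if rec.get("UserId") not in APPROVED_USERS:
            reasons.append("unapproved-user")
        if when.hour not in BUSINESS_HOURS:
            reasons.append("off-hours")
        if reasons:
            alerts.append((rec.get("UserId"), rec.get("RequestMethod"), uri, reasons))
    return alerts
```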

Broader Implications

This incident highlights the challenges of integrating AI automation into enterprise environments. As AI agents become mission-critical, ensuring airtight governance across all API layers is essential.

Reported by Divya, Senior Journalist at GBHackers.

About the Author

Dr. Lisa Kim

AI Ethics Researcher

Leading expert in AI ethics and responsible AI development with 13 years of research experience. Former member of Microsoft AI Ethics Committee, now provides consulting for multiple international AI governance organizations. Regularly contributes AI ethics articles to top-tier journals like Nature and Science.
