Microsoft has confirmed that a software defect in its Microsoft 365 Copilot AI assistant has been causing the tool to improperly access and summarise confidential emails since late January, circumventing the data loss prevention policies that organisations implement to safeguard sensitive information. The bug, identified as CW1226324 and first detected on January 21, affects the Copilot “work tab” chat feature and has caused it to process emails stored in users’ Sent Items and Drafts folders regardless of confidentiality labels specifically applied to prevent automated tool access. Microsoft 365 Copilot Chat, which the company rolled out to Word, Excel, PowerPoint, Outlook, and OneNote for business subscribers in September 2025, functions as an AI-powered, content-aware assistant that allows users to interact with various AI agents.
Microsoft acknowledged the security flaw in a service alert, confirming that a code error was allowing Copilot to process email messages despite active sensitivity labels and configured data loss prevention policies. The company stated that items in sent and draft folders were being incorrectly accessed by Copilot even when confidential labels were properly configured. Microsoft began deploying a fix in early February and, as of midweek, was continuing to monitor the rollout while contacting a subset of affected users to verify the patch’s effectiveness. The incident has been classified as an advisory, a designation typically reserved for service issues with limited scope or impact, though Microsoft has not disclosed the exact number of affected users or organisations.
In a statement provided after initial reports surfaced, Microsoft clarified that while the issue represented a deviation from the intended Copilot experience designed to exclude protected content, the bug did not grant anyone access to information they were not already authorised to view. The company emphasised that access controls and data protection policies remained intact throughout the incident, with the problem limited to Copilot’s behaviour within individual users’ own mailboxes in Outlook desktop. Microsoft confirmed that a configuration update has been deployed worldwide for enterprise customers, though the company has not provided a definitive timeline for complete remediation as the investigation continues.