Penetration Test Archives - Office 365 for IT Pros

Why Copilot Access to “Restricted” Passwords Isn’t as Big an Issue as Uploading Files to ChatGPT

Posted on May 20, 2025May 20, 2025 by Tony Redmond

Microsoft 365 Copilot and penetration tests

Some sites picked up the Microsoft 365 Copilot penetration test that allegedly proved how Copilot can extract sensitive data from SharePoint Online. When you look at the test, it depends on three major assumptions: that an attacker compromises a tenant, poor tenant management, and failure to deploy available tools. Other issues, like users uploading SharePoint and OneDrive files to process on ChatGPT, are more of a priority for tenant administrators.

Penetration Test Asks Questions About Copilot Access to SharePoint Online

Posted on May 12, 2025May 8, 2025 by Tony Redmond

Copilot for Microsoft 365 Penetration Test

An article by a company specializing in penetration tests raised some questions about how attackers might use Copilot for Microsoft 365 to retrieve data. The article is an interesting read and reveals how Copilot can reveal data in password protected Excel worksheets. However, many of the issues raised can be controlled by applying available controls, and the biggest worry is lhow the account being used to run Copilot came to be compromised!