Microsoft 365 Copilot "SearchLeak" One-Click Data Exfiltration via Prompt Injection Now Patched (CVE-2026-42824)

Scope: Microsoft 365 Copilot Enterprise Search (All Tenants, Now Patched Server-Side)

Severity: High

Varonis Threat Labs disclosed SearchLeak on June 15, 2026: a three-stage attack chain that allowed an attacker to silently exfiltrate a victim's emails, MFA codes, calendar events, SharePoint documents, and OneDrive files with nothing more than a single click on a crafted Microsoft 365 URL. The victim saw only Copilot "thinking" briefly and no other visible indication of data theft. The chain combines a URL-parameter-to-prompt injection via the q parameter of Copilot Enterprise Search, an HTML rendering race condition that fires an attacker-controlled image tag before output sanitization completes, and a Bing SSRF that routes the stolen data through Microsoft's own infrastructure to bypass the page's Content Security Policy entirely.

Microsoft deployed a backend fix during the June 13, 2026 Patch Tuesday cycle, so no action is required from tenant administrators to receive the patch. Organizations should, however, monitor Copilot audit logs for encoded payloads in the q parameter and apply Conditional Access policies restricting Copilot access to managed devices and trusted IPs as a defense-in-depth measure.
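As an added illustration of the audit-log check recommended above (example code written for this advisory, not Varonis' or Microsoft's tooling), the Python script below scans search-URL records for q parameter values that carry an encoded blob, embedded HTML markup, or an implausible length. The record schema, field names, sample records and thresholds are assumptions constructed for the example; Microsoft's actual Copilot audit log export uses a different format, so the record-reading part would need to be adapted to it.

```python
import base64
import binascii
import re
from urllib.parse import parse_qs, quote, urlparse

# Thresholds are assumptions chosen for this example; tune them on real traffic.
MIN_BLOB_LEN = 40      # shortest run of base64 characters worth trying to decode
LONG_QUERY_LEN = 300   # a human-typed search rarely exceeds this many characters
BASE64_TOKEN = re.compile(r"^[A-Za-z0-9+/_-]{%d,}={0,2}$" % MIN_BLOB_LEN)
HTML_TAG = re.compile(r"<\s*/?[A-Za-z][^>]*>")


def extract_q(url):
    """Return the percent-decoded value of the q parameter, or None if absent."""
    params = parse_qs(urlparse(url).query, keep_blank_values=True)
    return params.get("q", [None])[0]


def decode_base64(token):
    """Strictly decode standard or URL-safe base64; None if the token is not valid base64."""
    padded = token + "=" * (-len(token) % 4)   # tolerate stripped padding
    for altchars in (None, b"-_"):             # try the standard, then the URL-safe alphabet
        try:
            return base64.b64decode(padded, altchars=altchars, validate=True)
        except binascii.Error:
            continue
    return None


def decoded_text(raw):
    """Return the decoded bytes as text if they are readable, else None."""
    try:
        text = raw.decode("utf-8")
    except UnicodeDecodeError:
        return None
    if all(ch.isprintable() or ch in "\r\n\t" for ch in text):
        return text
    return None


def analyze_query(q):
    """Return (indicators, preview) describing why a q value looks suspicious."""
    indicators, preview = [], None
    for token in q.split():
        if BASE64_TOKEN.match(token):
            raw = decode_base64(token)
            text = decoded_text(raw) if raw is not None else None
            if text is not None:               # an encoded blob that decodes to readable text
                indicators.append("base64_blob")
                preview = text[:80]
                break
    if HTML_TAG.search(q):                     # markup has no place in a human search query
        indicators.append("html_markup")
    if len(q) > LONG_QUERY_LEN:
        indicators.append("long_query")
    return indicators, preview


def scan_records(records):
    """Return one finding per record whose q parameter trips at least one indicator."""
    findings = []
    for rec in records:
        q = extract_q(rec["url"])
        if q is None:
            continue
        indicators, preview = analyze_query(q)
        if indicators:
            findings.append({"user": rec["user"], "indicators": indicators,
                             "decoded_preview": preview, "q_length": len(q)})
    return findings


# Constructed sample records in a stand-in schema (not Microsoft's audit log format).
PLACEHOLDER = "CONSTRUCTED PLACEHOLDER TEXT, NOT A REAL PAYLOAD"
BLOB = base64.b64encode(PLACEHOLDER.encode()).decode()
SEARCH = "https://m365.example.test/search?q="
SAMPLE_RECORDS = [
    {"user": "alice@example.com", "url": SEARCH + quote("quarterly sales report")},
    {"user": "bob@example.com", "url": SEARCH + quote(BLOB)},
    {"user": "carol@example.com", "url": SEARCH + quote("<b>weekly status</b> deck")},
]

if __name__ == "__main__":
    for finding in scan_records(SAMPLE_RECORDS):
        print(finding)
```

Run against the constructed records, the script flags Bob's query (a base64 blob that decodes to readable text) and Carol's (embedded HTML) while leaving Alice's plain search alone. The decoded preview is kept deliberately short so that reviewers can triage a hit without the full blob landing in a ticket; the length and blob thresholds are the knobs to adjust once a baseline of normal query lengths for the tenant is known.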

The Uganda National CERT and Coordination Center (CERT.UG/CC) encourages users and administrators to review the recommendations and apply the necessary updates.