Apr 15, 2026 • Alexander Culafi
Microsoft, Salesforce Patch AI Agent Data Leak Flaws
Executive Summary
Two critical prompt injection vulnerabilities were discovered and patched in enterprise AI platforms—Salesforce Agentforce and Microsoft Copilot. These flaws would have allowed external attackers to manipulate AI agents through specially crafted inputs, potentially exfiltrating sensitive corporate data. Prompt injection attacks exploit the trust AI systems place in user-supplied instructions, bypassing normal access controls. Both vendors have released patches, and organizations using these AI agent platforms should verify their systems are updated. The incidents highlight growing concerns about AI-specific attack surfaces and the need for robust input validation and isolation mechanisms in AI deployments.
Summary
Two recently fixed prompt injections in Salesforce Agentforce and Microsoft Copilot would have enabled an external attacker to leak sensitive data.