Apr 15, 2026 • Alexander Culafi
Microsoft, Salesforce Patch AI Agent Data Leak Flaws
Executive Summary
Microsoft and Salesforce have patched critical prompt injection vulnerabilities in their AI agent platforms (Copilot and Agentforce) that could have allowed external attackers to exfiltrate sensitive organizational data. Prompt injection attacks manipulate AI systems by injecting malicious instructions into queries, causing the AI to bypass its safety guardrails and reveal confidential information. Organizations using these AI agents should ensure patches are applied immediately and monitor for unusual data access patterns. The vulnerabilities highlight the emerging risk of adversarial prompts targeting AI systems and the need for robust input validation, output filtering, and least-privilege access controls when deploying AI agents in enterprise environments.
Summary
Two recently fixed prompt injections in Salesforce Agentforce and Microsoft Copilot would have enabled an external attacker to leak sensitive data.