Microsoft 365 Copilot Flaw Allows AI Assistant to Summarize Sensitive Emails

A security flaw in Microsoft 365 Copilot is causing the AI assistant to incorrectly summarize email messages protected by confidentiality sensitivity labels, bypassing configured Data Loss Prevention (DLP) policies and exposing potentially sensitive organizational data to unauthorized AI processing.

The issue, tracked under Microsoft reference CW1226324, was first flagged on February 4, 2026, and remains ongoing. According to the incident report, the Copilot “Work Tab” Chat feature is actively summarizing emails that carry a confidential sensitivity label, even when DLP policies are explicitly configured to restrict such processing.

Root Cause and Technical Details

Microsoft’s investigation identified a code-level defect as the root cause. The flaw allows Copilot to inadvertently pick up items stored in users’ Sent Items and Draft folders, bypassing the confidentiality labels applied to those messages.

Under normal operation, sensitivity labels paired with DLP policies should prevent Copilot from accessing or processing any email flagged as confidential. However, the bug effectively renders these controls non-functional for the affected email folders, allowing the AI to surface restricted content in chat summaries.

This is particularly concerning for organizations in regulated industries such as healthcare, finance, and government, where email confidentiality controls are not merely best practices but compliance requirements.

The NHS flagged the incident internally as INC46740412, indicating the issue has a real-world impact for public sector users relying on Microsoft 365.

As of February 11, 2026, Microsoft has begun deploying a fix across affected environments and is reaching out to a subset of impacted users to validate that the fix remediates the impact.

However, the rollout has not yet reached full saturation, and the issue remains unresolved for some organizations. Microsoft aims to provide a remediation timeline as the fix progresses.

The scope of impact is broad; any organization with Microsoft 365 Copilot enabled and confidentiality labels configured on email could be affected.

Administrators are advised to monitor the Microsoft 365 admin center for updates under reference CW1226324 and review Copilot activity logs for anomalous access to labeled content.
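One way to run the log review suggested above, shown as an added example that is not Microsoft's tooling or part of the original article. It assumes the audit export holds one JSON record per line and that the field names (Operation, CopilotEventData, AccessedResources, SensitivityLabelId) match your tenant's Copilot interaction records; the label GUID and all sample records are constructed.

```python
import json

# Constructed GUID standing in for the tenant's "Confidential" label ID.
RESTRICTED = {"aaaaaaaa-0000-4000-8000-000000000001"}

# Constructed export, one audit record per line. Field names are an assumption
# about the Copilot interaction record layout; check them against a real export.
SAMPLE = "\n".join([
    '{"CreationTime":"2026-02-05T09:14:00Z","UserId":"ana@example.test",'
    '"Operation":"CopilotInteraction","CopilotEventData":{"AppHost":"BizChat","AccessedResources":'
    '[{"Name":"Draft: merger terms","SensitivityLabelId":"AAAAAAAA-0000-4000-8000-000000000001"}]}}',
    '{"CreationTime":"2026-02-05T10:30:00Z","UserId":"ben@example.test",'
    '"Operation":"CopilotInteraction","CopilotEventData":{"AccessedResources":[{"Name":"Lunch menu"}]}}',
    '{"CreationTime":"2026-02-06T08:00:00Z","UserId":"cy@example.test","Operation":"MailItemsAccessed"}',
    '{"CreationTime":"2026-02-06T11:02:00Z","UserId":"cy@exam',  # truncated on purpose
    '{"CreationTime":"2026-02-07T16:45:00Z","UserId":"dee@example.test",'
    '"Operation":"CopilotInteraction","CopilotEventData":{"AppHost":"BizChat","AccessedResources":'
    '[{"Name":"Agenda"},{"Name":"Sent: payroll export","SensitivityLabelId":"aaaaaaaa-0000-4000-8000-000000000001"}]}}',
])

def find_labeled_access(export_text, restricted_ids):
    """Return (hits, unparsed): Copilot interactions touching restricted labels."""
    restricted = {i.lower() for i in restricted_ids}  # GUID case varies by source
    hits, unparsed = [], 0
    for line in export_text.splitlines():
        if not line.strip():
            continue
        try:
            rec = json.loads(line)
        except json.JSONDecodeError:
            rec = None
        if not isinstance(rec, dict):
            unparsed += 1  # count it: a silent skip hides gaps in the review
            continue
        if rec.get("Operation") != "CopilotInteraction":
            continue
        data = rec.get("CopilotEventData") or {}
        for res in data.get("AccessedResources") or []:
            label = (res.get("SensitivityLabelId") or "").lower()
            if label in restricted:
                hits.append((rec.get("CreationTime"), rec.get("UserId"),
                             data.get("AppHost"), res.get("Name"), label))
    return hits, unparsed

if __name__ == "__main__":
    found, bad = find_labeled_access(SAMPLE, RESTRICTED)
    for hit in found:
        print(*hit, sep=" | ")
    print(f"{bad} record(s) could not be parsed")
```

A non-zero unparsed count means part of the export was not reviewed and should be re-pulled before drawing conclusions.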

The bypass of DLP policies by an AI assistant represents a significant security gap. DLP controls are a cornerstone of enterprise data governance, and an AI tool circumventing those controls, even unintentionally, undermines the integrity of an organization’s information protection posture.

Until the fix is fully deployed, security teams should consider whether to temporarily restrict Copilot access in environments handling highly sensitive email communications.

Microsoft’s next update is expected by February 18, 2026, at 11:00 AM UTC.

The post Microsoft 365 Copilot Flaw Allows AI Assistant to Summarize Sensitive Emails appeared first on Cyber Security News.
