Governance and agent guardrails
Key Questions
What vulnerabilities affect Microsoft 365 Copilot security?
Silent Egress prompt injection attacks show 89% success rate, with CVE-2025-32711 reported for M365 Copilot and mobile token theft vulnerabilities noted. SearchLeak CVE-2026-42824 has been patched.
How can Teams organizers control Copilot during meetings?
Microsoft added an in-meeting toggle for Teams Copilot to disable AI mid-meeting, including Facilitator and Intelligent recap features. This provides real-time control for sensitive discussions and addresses privacy concerns.
What governance tools are available for Copilot Studio and agents?
Silverfort IAM, Aembit IAM extensions, and ShareGate MCP support governance, with Microsoft flagging MCP tool descriptions as a hidden attack path. Admin-curated prompts and lifecycle management guidance are also provided.
What new security service does BlueVoyant offer for Microsoft environments?
BlueVoyant released an AI agent security service offering 90-day engagements with client-owned config for inventory, identity, threat detection, and DLP covering Copilot and Copilot Studio agents.
How does Microsoft address third-party model risk in Copilot governance?
Guidance on managing third-party model risk includes frameworks for inventory, vendor assessment, and technical controls like version pinning and data retention. This applies directly to Copilot as an AI dependency.
What is the status of recurring prompts for declarative agents?
Microsoft has canceled recurring prompts for declarative agents, representing a pullback on agent autonomy. This reinforces enterprise governance concerns around agent licensing and scaling.
Which partners have achieved Copilot Jumpstart Ready Tier status?
Epiq has advanced to Microsoft’s Copilot Jumpstart Ready Tier status for supporting AI transformations. Best implementation partners articles also address adoption gaps in mid-market companies.
What authentication issues exist in Copilot Studio's new experience?
Copilot Studio's new experience with end-user credential tools fails in Teams due to missing SSO configuration, causing authentication loops. This represents a practical governance issue for enterprise agent deployments.
Silent Egress prompt injection attack (89% success). CVE-2025-32711 for M365 Copilot. Mobile token theft vulnerability. SearchLeak CVE-2026-42824 patched. Silverfort IAM for Copilot Studio. Microsoft incident playbook. KPMG Agent 365. Aembit extends IAM, Shield adds M365 Copilot to RegTech. Copilot license boundaries tightened. Teams Recap deletion controls. Lifecycle management guidance. ShareGate MCP bridges M365 governance into Copilot, Claude, ChatGPT—71% governance workload growth since AI deployment. Identiverse 2026 confirmed agent identity gap—visibility without enforcement is a critical risk. Copilot Studio Workflow billing clarified. Epiq achieved Microsoft Copilot Jumpstart Ready Tier status. Best implementation partners article highlights adoption gap. Microsoft flags MCP tool descriptions as hidden AI agent attack path. AIIM article provides strategic three-horizon IM transformation roadmap. Admin-curated prompts feature. Real-world pilot lessons on agent licensing reveal concrete cost examples and scaling challenges. Microsoft adds in-meeting toggle for Teams Copilot to disable AI mid-meeting, giving organizers real-time control for sensitive discussions — a practical governance feature addressing privacy concerns. Bug report: Copilot Studio's new experience with end-user credential tools fails in Teams due to missing Teams SSO configuration, causing an authentication loop—a practical governance/authentication issue for enterprise agent deployments. New article: Managing third-party model risk and AI dependencies provides a practical framework for inventory, vendor assessment, and technical controls—directly applicable to Copilot governance as a third-party AI dependency. Guidance on version pinning, data retention, and transitive dependencies is actionable for enterprise risk posture. BlueVoyant released AI agent security service for Microsoft environments, offering 90-day engagement with client-owned config for inventory, identity, threat detection, and DLP for Copilot and Copilot Studio agents. Teams meeting organizer toggle to disable Copilot, Facilitator, and Intelligent recap now has clear rollout timeline. Cloudwell interview's 'gardener' metaphor and metered pricing framework also inform governance and cost-justification. Latest: Microsoft cancels recurring prompts for declarative agents, a small but telling pullback on agent autonomy that reinforces governance concerns.