Join us

Microsoft Copilot Rooted to Gain Unauthorized Root Access to its Backend System

Microsoft Copilot Rooted to Gain Unauthorized Root Access to its Backend System

April 2025 Copilot Enterprise update slipped in a Jupyter sandbox. It snuck in a PATH-poisonable pgrep at root’s entrypoint. Attackers could hijack that for root execution. Eye Security flagged the hole in April. By July 25, 2025, Microsoft patched this moderate bug. No data exfiltration reported.

Why it matters: AI sandboxes widen attack surfaces, forcing teams to harden container security.


Let's keep in touch!

Stay updated with my latest posts and news. I share insights, updates, and exclusive content.

By subscribing, you share your email with @faun and accept our Terms & Privacy. Unsubscribe anytime.

Give a Pawfive to this post!


Only registered users can post comments. Please, login or signup.

Start blogging about your favorite technologies, reach more readers and earn rewards!

Join other developers and claim your FAUN.dev account now!

Avatar

The FAUN

@faun
A worldwide community of developers and DevOps enthusiasts!
Developer Influence
3k

Influence

302k

Total Hits

1

Posts