On this episode of the Practical 365 Podcast, Paul Robichaux and I are back to discuss some of the most significant developments hitting Microsoft 365 (and further afield this time). We start with deep dive into the recent EchoLeak zero-click vulnerability that targeted Microsoft Copilot, and discuss what it means for the future of AI security.
Then we dissect a major global outage that wasn’t caused by Microsoft, looking at the post-incident reports from Cloudflare and Google. We also explore Microsoft’s big new play for European data sovereignty with Microsoft 365 Local, and finally, we cover the general availability of the recent Researcher and Analyst agents in Copilot.
EchoLeak: A Zero-Click Vulnerability in Copilot
First up is “EchoLeak,” a responsibly disclosed zero-click exploit that targeted Microsoft 365 Copilot users. The attack vector was deceptively simple: a user receives a specially crafted email in Outlook, and no other interaction is required for the exploit to work. Hidden prompt injection commands within the email could trick Copilot’s summarization feature into bypassing security checks and exfiltrating data from the user’s account.
As Paul and I discuss on the show, this feels like a modern evolution of classic exploits like SQL injection or the directory traversal bugs from the early days of IIS, where a system is cleverly manipulated into executing commands it shouldn’t. While Microsoft has since patched the issue, the incident serves as a crucial wake-up call. It highlights the new attack surfaces that emerge with agentic AI and the potential risks of building autonomous agents—especially those triggered by external data sources—without the immense security resources of a hyperscaler.
Read More: AIM Security Labs: The Story of EchoLeak
A Global Outage Highlights Cascading Risk
Next, we examine the widespread global outage that briefly took down popular services like Discord and Snapchat. This time, the trail didn’t lead to Redmond. Instead, the incident originated with a flawed code change in a Google Cloud API management system. This initial failure triggered a cascading effect at Cloudflare, which relied on the affected Google service for its Workers KV storage system, leading to a major outage for many of their core products.
The post-incident reports from both companies are required reading. Paul points out how the incident showcases the classic “thundering herd” problem: when a service recovers from a total outage, the immediate flood of reconnection requests can overwhelm it. This is a phenomenon that veteran Exchange admins will know all too well from dealing with inbound SMTP queues after a network outage. The event underscores the cascading risks across the entire cloud ecosystem and is a reminder that an IT admin’s focus must now extend to the resilience of the third-party apps their business relies on.
Microsoft 365 Local: A New Play for Data Sovereignty
Microsoft’s announcement of “Microsoft 365 Local” gave us plenty to talk about. This new offering is a direct response to the intense demand for data sovereignty in Europe, driven by regulations like the US CLOUD Act. The solution will enable large enterprise and government customers to run a self-contained instance of M365 services—starting with Exchange Online and SharePoint Online—within their own controlled Azure partition. As Paul aptly put it, it’s like being able to “open up your own Burger King restaurant in the lobby of your hospital.”
While this is a significant move, we discuss the many questions that still linger. It’s not yet clear how other services like Microsoft Teams or Defender will be included, or how the update cadence will be managed. We also question whether this “enclave” model truly solves the jurisdictional concerns, given that the services still run within Microsoft’s Azure infrastructure. It’s a complex legal and technical minefield that customers considering this path will need to navigate very carefully.
Researcher and Analyst Agents in Copilot are Now GA
To wrap up the show, we cover the general availability of two powerful agents for Microsoft 365 Copilot: Researcher and Analyst. These out-of-the-box agents bring sophisticated reasoning capabilities designed to handle complex, multi-step tasks.
One of the most important features, as Paul notes, is the visibility into their “chain of thought.” This transparency allows users to understand how the agent reached a particular conclusion, which is absolutely crucial for building trust and verifying the output. For organizations that have invested in Copilot, the arrival of these GA-ready reasoning agents is a fantastic addition, bringing state-of-the-art AI capabilities directly into the corporate-safe enterprise tool.
We’ll be back next week, where Paul and I are joined by Bastiaan Verdonk and a special guest on the show from Microsoft, talking Entra ID Guest access improvements and best practices. Until then, be sure to subscribe to the Practical 365 Podcast on your favorite podcast app.
