好的,我现在需要帮用户总结这篇文章的内容,控制在100字以内。首先,我得通读整篇文章,抓住主要信息。 文章讲的是微软正在扩展数据丢失防护(DLP)控制,阻止Microsoft 365 Copilot处理机密文档。当前的DLP政策只适用于存储在SharePoint或OneDrive的文件,但不包括本地设备上的文件。微软计划在2026年3月底到4月底通过AugLoop组件部署这一变化,确保所有Office文档无论存储位置都能受保护。 此外,微软提到这是为了响应客户反馈,希望保护覆盖更一致。Copilot将无法处理被标记为受限的文档。更新不会改变Copilot的功能,而是增强客户端和AugLoop直接读取敏感标签的能力。 文章还提到之前的一个软件漏洞导致Copilot错误访问和总结用户的Sent Items和Drafts文件夹中的机密邮件,尽管这些邮件被标记为机密并受DLP保护。微软解释说,漏洞只让已授权的人访问总结信息,但行为不符合预期的Copilot体验。 总结时需要涵盖以下几点: 1. 微软扩展DLP控制阻止Copilot处理机密文档。 2. 当前政策仅限于云存储,即将扩展到本地文件。 3. 部署时间:2026年3月底至4月底。 4. 增强功能以统一保护覆盖。 5. 前提是之前的一个漏洞事件。 现在要将这些信息浓缩到100字以内,并且不要以“文章内容总结”开头。确保语言简洁明了。 可能的结构: 微软扩展数据丢失防护(DLP)控制至本地文件,阻止Microsoft 365 Copilot处理机密Word、Excel、PowerPoint文档。此功能将于2026年3月底至4月底通过AugLoop组件部署,统一云和本地文件的保护。此前因软件漏洞导致Copilot错误访问机密邮件引发关注。 检查字数是否符合要求,并调整用词使其更流畅自然。 </think> 微软扩展数据丢失防护(DLP)控制至本地文件,阻止Microsoft 365 Copilot处理机密Word、Excel、PowerPoint文档。此功能将于2026年3月底至4月底通过AugLoop组件部署,统一云和本地文件的保护。此前因软件漏洞导致Copilot错误访问机密邮件引发关注。 2026-2-24 17:30:20 Author: www.bleepingcomputer.com(查看原文) 阅读量:0 收藏
Microsoft is expanding data loss prevention (DLP) controls to block the Microsoft 365 Copilot AI assistant from processing confidential Word, Excel, and PowerPoint documents, regardless of their location.
Currently, Microsoft Purview DLP policies apply only to files stored in SharePoint or OneDrive, but not to those stored on local devices.
This change will be deployed through the Augmentation Loop (AugLoop) Office component between late March and late April 2026 to ensure that DLP controls apply to all Office documents, whether they are stored locally, in SharePoint, or OneDrive.
"This enhancement responds to customer feedback requesting more consistent protection coverage across local and cloud-based file locations," Microsoft said in a message center update.
Once the change is deployed, Copilot will not be able to read or process Word, Excel, or PowerPoint documents that are labeled as restricted by DLP controls.
Microsoft also stated that the changes will be automatically enabled for organizations with DLP policies configured to block Copilot from processing sensitivity-labeled content, without requiring any administrative action or changes.
"This update does not modify Copilot capabilities. Instead, Office clients and AugLoop have been enhanced so AugLoop can read a file's sensitivity label directly from the client," Microsoft added.
"Today, AugLoop retrieves the label by calling Microsoft Graph using the file's SharePoint or OneDrive URL, which limits DLP enforcement to files stored in OneDrive and SharePoint. By enabling the client to provide the label, DLP enforcement now applies uniformly across all storage locations, including local files."
This comes on the heels of a software bug (described by Microsoft as a "code issue") that allowed Microsoft 365 Copilot Chat (the company's AI-powered, content-aware chat that lets users interact with AI agents) to read and summarize confidential emails in users' Sent Items and Drafts folders for nearly a month despite the emails being protected by active data loss prevention policies and labeled as confidential.
The bug, which was first discovered on January 21, affected the Copilot "work tab" chat functionality, which mistakenly accessed and summarized emails stored in users' Sent Items and Drafts folders, including those labeled confidential and intended to be protected from automated tools by explicit confidentiality labels.
In a statement to BleepingComputer, Microsoft explained that the bug provided access to the summarized information only to those who were already authorized to see it, but that the "behavior did not meet our intended Copilot experience, which is designed to exclude protected content from Copilot access."
The future of IT infrastructure is here
Modern IT infrastructure moves faster than manual workflows can handle.
In this new Tines guide, learn how your team can reduce hidden manual delays, improve reliability through automated response, and build and scale intelligent workflows on top of tools you already use.
如有侵权请联系:admin#unsafe.sh