Software development
Artificial Intelligence
Cloud
View all courses
Learn
Connect
Blog
Resource hub
Featured resource
2026 Tech Forecast
2026 Tech Forecast

Stay ahead of what’s next in tech with predictions from 1,500+ business leaders, insiders, and Pluralsight Authors.

Get these insights
  • Course

CVE-2025-32711 Microsoft 365 Copilot EchoLeak: Zero-click AI Vulnerability

Learn how a zero-click vulnerability in Microsoft 365 Copilot, called 'EchoLeak', exposes sensitive internal data. This episode breaks down how it works, why it matters, and what your organization can do to defend against it.

Intermediate
3m
(1)

Created by Chris Jackson

Last Updated Jul 01, 2025

Course Thumbnail
  • Course

CVE-2025-32711 Microsoft 365 Copilot EchoLeak: Zero-click AI Vulnerability

Learn how a zero-click vulnerability in Microsoft 365 Copilot, called 'EchoLeak', exposes sensitive internal data. This episode breaks down how it works, why it matters, and what your organization can do to defend against it.

Intermediate
3m
(1)

Created by Chris Jackson

Last Updated Jul 01, 2025

Get started today

Access this course and other top-rated tech content with one of our business plans.

Start a free team trial
Buy now
Try this course for free

Access this course and other top-rated tech content with one of our individual plans.

Start a free trial
Buy now

This course is included in the libraries shown below:

  • Security
CVE-2025-32711 Microsoft 365 Copilot EchoLeak: Zero-click AI Vulnerability
Start a free team trial
Start a free trial
What you'll learn

AI-powered assistants like Microsoft 365 Copilot offer powerful productivity gains but they also introduce new and unique security risks. In this episode, CVE-2025-32711, also known as EchoLeak, is put under the microscope. You’ll explore how this critical zero-click vulnerability allows attackers to exploit Copilot using indirect prompt injection—embedding hidden instructions in everyday content like email footers and shared documents. You’ll also learn how the vulnerability works, why it’s rated CVSS 9.3, and what mitigations Microsoft has deployed. More importantly, we’ll cover actionable steps your organization should take to reduce exposure and how AI alters the security landscape.

CVE-2025-32711 Microsoft 365 Copilot EchoLeak: Zero-click AI Vulnerability
Intermediate
3m
(1)
Table of contents

About the author
Chris Jackson - Pluralsight course - CVE-2025-32711 Microsoft 365 Copilot EchoLeak: Zero-click AI Vulnerability
Chris Jackson
27 courses 4.7 author rating 23 ratings

Chris Jackson is a cybersecurity professional with years of experience in identifying security incidents, securing applications and security training. Over the years, he has tested web applications for vulnerabilities, helped deploy SIEM platforms and more. He is passionate about teaching cybersecurity and committed to learning new technologies.

More Courses by Chris

Get started with Pluralsight

View individual plans View team plans
Related Pages