Step Aside Windows Recall, Copilot Vision Is Now Under Fire

This Week in IT, Copilot Vision raises eyebrows amongst Windows 11 users, Microsoft didn’t properly patch SharePoint servers leading to 100s of compromised servers, and 158-year-old logistics company in the UK goes bust after ransomware attack.

Links and resources

• Copilot Vision on Windows 11 sends data to Microsoft servers • The Register
• Microsoft knew of SharePoint security flaw but failed to effectively patch it, timeline shows | Reuters
• SharePoint victim count hits 400+ orgs in ongoing attacks • The Register
• Weak password allowed hackers to sink a 158-year-old company

Episode overview

This Week in IT, Russell discusses Microsoft’s new Copilot Vision feature, a critical SharePoint security flaw, and a major ransomware attack on a UK logistics company.

• Copilot Vision introduction: Microsoft’s Copilot Vision, now available to US Windows 11 Insiders, uses cloud-based AI to analyze screen content and assist users interactively, differing from the local processing Windows Recall feature; privacy concerns exist as screenshots are temporarily processed and chats stored in the cloud. 
• Privacy and control: Users can enable or disable Copilot Vision and Windows Recall, with organizational controls available; the technology requires Internet connectivity and currently runs only in non-EU countries.
• SharePoint security flaw: A known vulnerability in SharePoint Server 2016, 2019, and Subscription Edition was inadequately patched initially, leading to over 400 organizations, including US federal agencies, being compromised before a proper patch was released. The attack is linked to a group believed to be affiliated with the Chinese state.
• Ransomware impact on UK company: A 158-year-old UK logistics firm collapsed after a ransomware attack triggered by a weak employee password; the company could not meet the estimated £5 million ransom demand, resulting in total data loss and 700 job losses.