A command injection vulnerability in Microsoft Copilot allows an unauthenticated attacker to tamper with the service over a network, without requiring any user interaction or elevated privileges. The flaw stems from improper handling of special characters within commands, a class of vulnerability that can enable attackers to manipulate application behaviour or underlying systems. Given Copilot’s integration across Microsoft 365 and Azure services, the potential blast radius for affected organisations is significant.

Security Architect’s Take: Review your organisation’s exposure to Microsoft Copilot endpoints and ensure network-level controls restrict access to trusted users only; monitor Microsoft’s remediation guidance closely and apply any available patches or mitigations immediately, particularly if Copilot is integrated with sensitive data sources or enterprise workflows.

Original advisory: CVE-2026-42895 Microsoft Copilot Tampering Vulnerability

CVE-2026-45602 is a tampering vulnerability affecting the Windows Dynamic Host Configuration Protocol (DHCP) service. This update is an informational change only, correcting the CWE classification with no change to severity, patch status, or exploitability. No new action is required as a result of this revision.

Security Architect’s Take: No immediate action is required from this update — verify that any existing mitigations or patches applied for CVE-2026-45602 remain in place, and update internal vulnerability tracking records to reflect the revised CWE classification.

Original advisory: CVE-2026-45602 Windows Dynamic Host Configuration Protocol (DHCP) Tampering Vulnerability