Critics scoff after Microsoft warns AI feature can infect machines and pilfer data

Microsoft's recent announcement regarding the experimental AI feature integrated into Windows has sparked significant concern among security experts. The tech giant unveiled Copilot Actions, which aims to assist users by automating tasks like organizing files, scheduling meetings, and sending emails. While the promise of enhanced productivity is appealing, the company has issued a stark warning about potential security risks associated with enabling this feature. The cautionary note emphasizes that users should only activate Copilot Actions if they fully grasp the outlined security implications. This advisory stems from well-documented vulnerabilities present in large language models (LLMs) like Copilot. Researchers have highlighted that these models can produce factually incorrect and illogical responses, a phenomenon known as hallucination, which undermines user trust in AI-generated outputs. Moreover, another critical risk involves prompt injection, a vulnerability that allows malicious actors to embed harmful instructions within various digital communications, such as websites or emails. LLMs, designed to follow user prompts without distinction, can inadvertently execute commands from these harmful sources, potentially putting users at risk. The dual challenges of misinformation and security threats underscore the need for caution as users navigate the landscape of emerging AI technologies.