Attached: 1 image
So, Microsoft is silently installing Copilot onto Windows Server 2022 systems and this is a disaster.
How can you push a tool that siphons data to a third party onto a security-critical system?
What privileges does it have upon install? Who thought this is a good idea? And most importantly, who needs this?
#infosec #security #openai #microsoft #windowsserver #copilot
There are 5 million ways to configure windows and each have an absurd and almost by-design level of convolution. You can’t possibly expect people to know about a new GPO immediately
There is one GPO to disable co-pilot. One. It’s not even hard to find and has been available for more than 6 months.
And yes I would absolutely expect someone whose job it is to manage Windows servers to know about it. And certainly, I would expect them to look it up before declaring to the world how bad at their job they are.
That is why companies will hire good sys admins who do their job and stay on top of the important group policy settings. This absolutely would not be missed by any reasonably competent IT dept.
I don’t use windows so I don’t know the specifics. If microsoft is INFORMING the user beforehand about this change (that copilot switch/policy is now available) AND DISCLOSE that in the future if you didn’t touch this switch then copilot may be installed, sure, blame admin. Otherwise, this is a shitty move from software update POV
To add:
Maybe you can link the change log provided by microsoft before this update that adds those switches or rules to prove that it has indeed been disclosed to the admin.
There are 5 million ways to configure windows and each have an absurd and almost by-design level of convolution. You can’t possibly expect people to know about a new GPO immediately
There is one GPO to disable co-pilot. One. It’s not even hard to find and has been available for more than 6 months.
And yes I would absolutely expect someone whose job it is to manage Windows servers to know about it. And certainly, I would expect them to look it up before declaring to the world how bad at their job they are.
That is why companies will hire good sys admins who do their job and stay on top of the important group policy settings. This absolutely would not be missed by any reasonably competent IT dept.
A company that’s using Windows Server is not hiring the brightest mfers
I don’t use windows so I don’t know the specifics. If microsoft is INFORMING the user beforehand about this change (that copilot switch/policy is now available) AND DISCLOSE that in the future if you didn’t touch this switch then copilot may be installed, sure, blame admin. Otherwise, this is a shitty move from software update POV
To add: Maybe you can link the change log provided by microsoft before this update that adds those switches or rules to prove that it has indeed been disclosed to the admin.