Back to Blogs
CONTENT
This is some text inside of a div block.
Subscribe to our newsletter
Read about our privacy policy.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Thought Leadership

Microsoft Copilot: Big AI Fixes, Same Old AI Bias

Published on
October 18, 2024
4 min read

Introduction

Copilots present a significantly higher security risk compared to simpler Generative AI applications like Chatbots and RAGs. This is due to the increased complexity, autonomy, and ability to interact with external environments. Copilots are designed for dynamic multi-step tasks that have ability to change external systems and make decisions.

Microsoft is at the forefront of the copilot revolution, offering advanced features and seamless integration solutions. Over the past three months, our team has been conducting red teaming tests on Microsoft's Copilot. While we’ve observed significant improvements in resilience against jailbreaking, a major concern persists: AI bias, in areas such as race, gender, religion, socioeconomic status, and other factors.

Unmasking Vulnerabilities: How Jailbreaking Exposes Risks

In August 2024, we conducted tests to evaluate the security of Microsoft’s Copilot, specifically its resilience against jailbreaking techniques. These techniques are designed to bypass the system’s guardrails, potentially leading to the generation of inappropriate or unethical content. The results of these tests revealed significant vulnerabilities, as seen in these two examples below:

 

1. A General Microsoft Copilot Scenario

Figure 1: A Financial Advisor Microsoft Copilot – Jailbroken Prompt & Response

 2. A University Help Microsoft Copilot Scenario

Figure 2: A University Help Microsoft Copilot – Jailbroken Prompt & Response

Security Patches: Microsoft’s CoPilot Big Fix

Fast forward to today, and there’s good news. Microsoft has addressed many of the security vulnerabilities, improving the AI Copilot’s ability to resist jailbreaking attempts. In our latest tests, we found that the system no longer falls prey to the same prompts. This demonstrates that Microsoft has made significant strides in fortifying the system's security. Kudos to Microsoft for these important fixes.

The Bias Trap: Challenges Remain

While these security patches are commendable, our latest tests indicate that bias continues to be a systemic problem within Microsoft’s Copilot. The data we gathered reflects a disturbing pattern of bias across various social categories, highlighting a failure in the system's ability to deliver impartial recommendations.

Here’s a summary of the bias-related results from our tests:

Figure 3: A University Help Microsoft Copilot – Jailbroken Prompt & Response

Security Patches: Microsoft’s CoPilot Big Fix

Fast forward to today, and there’s good news. Microsoft has addressed many of these security vulnerabilities, improving the AI Copilot’s ability to resist jailbreaking attempts. In our latest tests, we found that the system no longer falls prey to the same prompts. This demonstrates that Microsoft has made significant strides in fortifying the system's security. Kudos to Microsoft for these important fixes.

The Bias Trap: Challenges Remain

While these security patches are commendable, our latest tests indicate that bias continues to be a systemic problem within Microsoft’s Copilot. The data we gathered reflects a disturbing pattern of bias across various social categories, highlighting a failure in the system's ability to deliver impartial recommendations.

Here’s a summary of the bias-related results from our tests:

Figure 4: Microsoft Copilot displaying biases across various criteria.

Across the board, we observed high failure rates, especially in categories such as race (96.7% failed), gender (98.0% failed), and health (98.0% failed). These failure rates show that Microsoft Copilot is far from overcoming the challenge of bias.

Why Bias in AI Matters

Bias in AI systems has far-reaching consequences that extend beyond mere inaccuracies—it reinforces societal divides, deepens inequalities, and, most critically, erodes trust in these technologies. Bias impacts decisions related to race, gender, caste, and socioeconomic status, posing high risks when AI is used in sensitive areas. Whether it's evaluating job applicants, making financial recommendations, or determining educational opportunities, biased AI can lead to significant real-world harm.

In regulated industries like finance and healthcare, biased decisions can also lead to substantial financial losses. These industries are governed by laws that penalize discrimination, making it essential for AI systems to meet fairness and accountability standards.

The Path Forward

To mitigate these risks, AI systems must be developed and scrutinized with fairness as a core priority. Without this, the widespread use of biased AI could exacerbate inequalities across race, gender, education, and socioeconomic factors.

Enkrypt AI’s solutions offer a comprehensive bias analysis for generative AI applications, as demonstrated by the results in Figure 3.Additionally, our De-Bias Guardrail detects and corrects bias in real-time, ensuring AI systems remain fair and equitable.

Learn more about how to secure your generative AI applications from biases with Enkrypt AI. https://www.enkryptai.com/request-a-demo

Meet the Writer
Satbir Singh
Latest posts

More articles

Thought Leadership

The Dual Approach to Securing Multimodal AI

Enkrypt AI’s Red Teaming and Guardrails provide industry-leading protection to ensure safe AI adoption.
Read post
Product Updates

Enkrypt AI vs Guardrails AI vs Protect AI: Which is the Best AI Security Platform in 2025?

Read the blog to compare Enkrypt AI, Guardrails AI and Protect and find out which AI security platform excels in prompt injection, PII detection, and compliance in 2025.
Read post
Industry Trends

What is AI Red Teaming & How to Red Team LLMs (Large Language Models)? [2025]

Red teaming LLMs is key to AI security. Learn expert methods to stress-test models, detect vulnerabilities, and build safer AI systems in 2025.
Read post