HomeIntelligenceBrief
BREACH BRIEF🟢 Low Advisory

Microsoft Outlook Classic UI Bug Removes Copilot Buttons for Licensed Users

A June 2026 service change caused Copilot buttons to disappear from Classic Outlook on Windows, prompting a Microsoft fix that requires client restarts and updates. The incident underscores the importance of continuous control monitoring and audit evidence for SOC 2 readiness.

LiveThreat™ Intelligence · 📅 July 03, 2026· 📰 bleepingcomputer.com
🟢
Severity
Low
AD
Type
Advisory
🎯
Confidence
High
🏢
Affected
1 sector(s)
Actions
3 recommended
📰
Source
bleepingcomputer.com

Microsoft Outlook Classic UI Bug Removes Copilot Buttons for Licensed Users

What Happened — A service change released on June 29 2026 caused the Copilot Chat button (and related UI elements) to disappear from Classic Outlook for Windows users holding a Copilot Chat (Basic) license. The issue also manifested as grayed‑out commands, non‑responsive “Open” actions, and missing icons in the left app bar. Microsoft released a fix that requires a client restart and an Office update; a fallback is to revert to the previous Current Channel build.

Why It Matters for Compliance & Audit Readiness

  • The incident highlights the need for continuous control monitoring of software configuration and UI changes that affect security‑related features.
  • SOC 2‑aligned programs must capture audit evidence that critical controls (e.g., AI‑assisted data handling) remain operational after updates.
  • Mapping this UI change to your Change Management and System Operations controls demonstrates due diligence and supports a defensible audit trail.

Who Is Affected — Primarily enterprise and SMB customers using Microsoft 365 Outlook (Classic) on Windows; spans all verticals (tech, finance, health, etc.).

Recommended Actions

  • Verify that all Outlook clients are updated to the latest build (File → Office Account → Update Options → Update Now).
  • Document the update status and retain logs as evidence of compliance with change‑management controls (SOC 2 CC‑7.1).
  • If updates cannot be applied, revert to the prior Current Channel build (16.0.20026.20168) or switch to Outlook Web Access, and record the workaround.
  • Include UI‑availability checks for Copilot in your regular control‑mapping reviews.

Source: BleepingComputer

Technical Notes

  • No vulnerability or CVE disclosed; the root cause is a regression in the Outlook UI layer after a service change.
  • Impact limited to feature visibility; no data loss or credential exposure reported.
  • Microsoft also investigating a separate crash issue linked to Kaspersky’s mcou.dll.
📰 Original Source
https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-bug-that-removed-copilot-button-in-outlook/

This LiveThreat Intelligence Brief is an independent analysis. Read the original reporting at the link above.

From the Verisq platform · Trust Operations

Every gap like this maps to a control you can evidence.

The Verisq AI Trust Operations platform maps incidents to your control framework and collects the evidence continuously — so your Trust Center shows proof, not promises, when a buyer or auditor asks.

Explore the Verisq AI Trust Operations platform →