Microsoft Halts Forced Installation of Microsoft 365 Copilot App on Windows Devices
What Happened — Microsoft announced that the automatic deployment of the Microsoft 365 Copilot app, scheduled for a December 2025 rollout on Windows PCs outside the European Economic Area, has been temporarily disabled. Existing installations remain unchanged, and administrators can now control deployment via the Microsoft 365 Apps admin center.
Why It Matters for TPRM —
- Forced software installations can bypass an organization’s change‑management and security‑approval processes, creating hidden attack surfaces.
- The Copilot app introduces AI‑driven data processing; loss of control over its distribution may affect data‑privacy compliance (e.g., GDPR, CCPA).
- Vendors that bundle mandatory updates may impact contractual service‑level expectations and risk assessments.
Who Is Affected — Enterprises in all sectors (technology, finance, healthcare, education, government, etc.) that rely on Microsoft 365, and any third‑party service providers that manage Windows endpoints via Intune or SCCM.
Recommended Actions —
- Review Microsoft 365 Copilot deployment settings in the Apps admin center; disable automatic install if not required.
- Update your software‑asset inventory to reflect the presence or absence of the Copilot app on managed devices.
- Re‑evaluate data‑privacy impact assessments for AI‑assisted features and adjust contracts with Microsoft accordingly.
- Communicate the change to internal security and compliance teams to ensure alignment with existing TPRM policies.
Technical Notes — The forced rollout leveraged the Microsoft 365 Apps admin center’s “Enable automatic installation of Microsoft 365 Copilot app” flag. Administrators can now clear this flag, or use the newly tested “RemoveMicrosoftCopilotApp” policy via Intune/SCCM to uninstall the app. No vulnerability (CVE) or exploit is reported; the change is a product‑deployment decision.
Source: BleepingComputer