Yesterday, Kenneth van Surksum, a Microsoft MVP (Most Valuable Professional) in enterprise mobility and security, raised concerns about the automated installation of Microsoft Copilot on Windows Server 2022.
Microsoft Copilot is a productivity tool powered by artificial intelligence that utilizes large language models (LLMs). It allows users to leverage its conversational chat interface to generate text and images through text prompts and facilitates search for information. On the other hand, Windows Server 2022 is Microsoft's latest version of its versatile server operating system, primarily designed for business and enterprise environments. Some of its capabilities include hosting company and customer data, serving as an application hosting server, providing Hyper-V-based virtualization, and offering network infrastructure services.
Read also: Roblox Unblocked - Free Robux Generators Spreading Malware on the Rise
Van Surksum has shared with his X followers a list of applications and features installed on Windows Server 2022, which included Microsoft Copilot. Some Windows Server 2022 users checked their lists of applications and found that they also contained Microsoft Copilot.
"Something something zero trust, something something secure by design," Microsoft Security MVP Ru Campbell expressed one of the popular concerns about the security implications of the automated installation of AI-powered tools.
One of the greatest fears about implementing applications based on artificial intelligence in enterprise environments is associated with the potential for compromising data privacy. "We are all LLM trainers these days," X user Earl of Northumbria stated, emphasizing how proprietary data can be utilized by software empowered by AI.
Not only can potential data collection and usage put a company's security at risk, but it can also affect compliance with data privacy policies. Other vulnerabilities facilitating exploits can also be introduced through the implementation of AI tools.
Furthermore, there are also performance concerns, as AI-driven tools may consume considerable resources and disrupt server performance. Additionally, many Windows Server 2022 users felt disheartened about the automatic installation of Copilot, as they wish to be in charge of their environments and decide for themselves whether certain applications should be installed or not.
The automatic installation also made some users wonder about the financial implications and potential costs generated by the additional software, which was installed without clear information on pricing or licensing terms.
However, some users pointed out that Copilot was unlikely to be installed without the user's intervention and that the size of the application, which appears to be only 8 KB, likely indicates that the application list contains only a shortcut leading to the download of the full app. Meanwhile, other users claimed that Copilot comes bundled with Edge, Microsoft’s internet browser.
Read also: Apple's Global Security Alert: Mercenary Spyware Targeting iPhone Users
How to remove Microsoft Copilot from the enterprise environment?
If you are sure that Copilot has been installed on your Windows Server 2022 system and you wish to remove the application, Microsoft suggests its deactivation rather than its deletion. How to turn off Microsoft Copilot then?
"Organizations that aren't ready to use Copilot in Windows can disable it until they're ready with the 'Turn off Windows Copilot' policy," Microsoft states in its instructions, adding that configuring settings within this policy makes it possible to deactivate Copilot in Windows.
"This policy setting allows you to turn off Copilot in Windows. If you enable this policy setting, users can't use Copilot in Windows, and the icon doesn't appear on the taskbar either," Microsoft further explains. It also adds that "users can use Copilot in Windows when it's available to them" if the feature is not disabled or configured.