V-268315
SV-268315r1135269_rule
CAT II
Copilot must be disabled for Windows 10.
From: Microsoft Windows 10 Security Technical Implementation Guide (V3R6)
Description
<VulnDiscussion>Some features may communicate with the vendor, sending system information or downloading data or components for the feature. Turning off this capability will prevent potentially sensitive information from being sent outside the enterprise and uncontrolled updates to the system.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>
Check Procedure
Run the following PowerShell command as an administrator:
Get-AppxPackage -AllUsers | Where-Object { $_.Name -like "*Copilot*" }
If Microsoft.Copilot displays, this is a finding.
Fix Text
Open PowerShell as an administrator. Run the following command:
Get-AppxPackage -AllUsers *CoPilot* | Remove-AppxPackage -AllUsers
CCI Reference
CCI-000382- Created
- 2026-01-14 17:55:45
- Last Updated
- 2026-03-05 13:41:37