Event details
We are very excited to announce a Microsoft 365 Copilot and Bing Chat Enterprise AMA! Get answers to your questions around Microsoft 365 Copilot and Bing Chat Enterprise from our team of experts.
...
Sarah_Gilbert
Updated Aug 10, 2023
Pat Beahan
Aug 09, 2023, Brass Contributor
What is the official Msft positioning on how you are addressing the OWASP Top 10 LLM vulnerabilities for CoPilots/BCE?
- Prompt injections: Bypassing filters or manipulating the LLM using carefully crafted prompts that make the model ignore previous instructions or perform unintended actions.
- Data leakage: Revealing sensitive information in the LLM’s responses, such as personal data, credentials, secrets, or confidential data.
- Inadequate sandboxing: Failing to isolate the LLM from the underlying system or network, allowing unauthorized access or malicious activities.
- Unauthorized code execution: Executing arbitrary code through the LLM’s responses or inputs, such as shell commands, scripts, or malware.
- Server-side request forgery (SSRF) vulnerabilities: Making requests to internal or external resources through the LLM’s responses or inputs, such as APIs, databases, or web services.
- Overreliance on LLM-generated content: Trusting the LLM’s outputs without proper verification or validation, leading to misinformation, deception, or fraud.
- Inadequate AI alignment: Failing to align the LLM’s objectives and values with those of the users or stakeholders, resulting in unethical, biased, or harmful outputs.
- Insufficient access controls: Allowing unauthorized users to access or modify the LLM’s settings, parameters, or data.
- Model denial of service (DoS): Preventing the LLM from functioning properly by exhausting its resources, such as memory, CPU, or disk space.
- Insecure output handling: Failing to properly filter or encode the LLM’s outputs, leading to cross-site scripting (XSS), SQL injection, or other injection attacks.
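The list above names the risk classes but does not show what the mitigations look like in code. The following Python is an added illustration written for this page; it is not part of the question, not Microsoft's implementation, and assumes a hypothetical application that renders assistant replies in a web page, lets the model propose tool calls, and uses model-supplied values in a database query. It shows three defensive controls: HTML-escaping model output before rendering (insecure output handling / XSS), allowlisting and validating model-proposed tool calls before executing them (unauthorized code execution, and limiting what a prompt injection can trigger), and parameterised queries when model output reaches SQL.

```python
import html
import json
import sqlite3
from typing import Any, Callable

# Constructed sample reply: the model has been induced (e.g. by injected
# content in a retrieved document) to emit markup. Without escaping, a
# browser client that inserts this into the DOM would execute the handler.
SAMPLE_REPLY = 'Here is the summary: <img src=x onerror="alert(1)"> done.'


def render_assistant_reply(text: str) -> str:
    """Treat model output as untrusted data: escape it before it reaches HTML."""
    return html.escape(text, quote=True)


# Hypothetical tool registry: tool name -> (handler, allowed argument names).
# Only tools listed here can ever be invoked, whatever the model asks for.
def _lookup_order(order_id: str) -> dict:
    return {"order_id": order_id, "status": "shipped"}


TOOLS: dict[str, tuple[Callable[..., Any], set[str]]] = {
    "lookup_order": (_lookup_order, {"order_id"}),
}


class ToolCallRejected(ValueError):
    """Raised when a model-proposed tool call fails validation."""


def dispatch_tool_call(raw: str) -> Any:
    """Validate a model-proposed tool call against the allowlist, then run it.

    The model's text is parsed as data, never evaluated as code; unknown tools,
    unexpected arguments and oversized values are all rejected.
    """
    try:
        call = json.loads(raw)
    except json.JSONDecodeError as exc:
        raise ToolCallRejected(f"tool call is not valid JSON: {exc}") from exc
    if not isinstance(call, dict):
        raise ToolCallRejected("tool call must be a JSON object")
    name = call.get("tool")
    args = call.get("args", {})
    if name not in TOOLS:
        raise ToolCallRejected(f"tool not allowlisted: {name!r}")
    handler, allowed = TOOLS[name]
    if not isinstance(args, dict) or set(args) != allowed:
        raise ToolCallRejected("argument names do not match the tool's schema")
    if not all(isinstance(v, str) and 0 < len(v) <= 64 for v in args.values()):
        raise ToolCallRejected("arguments must be short, non-empty strings")
    return handler(**args)


def _demo_db() -> sqlite3.Connection:
    """Constructed in-memory table standing in for a real order store."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE orders (id TEXT, customer TEXT)")
    conn.executemany(
        "INSERT INTO orders VALUES (?, ?)", [("A1", "Alice"), ("B2", "Bob")]
    )
    return conn


def orders_for_customer(conn: sqlite3.Connection, customer: str) -> list[str]:
    """Bind the model-supplied value as a parameter; it is never spliced into SQL."""
    rows = conn.execute(
        "SELECT id FROM orders WHERE customer = ?", (customer,)
    ).fetchall()
    return [r[0] for r in rows]


def sql_demo() -> tuple[list[str], list[str]]:
    """Run a benign lookup and a classic injection string through the same query."""
    conn = _demo_db()
    benign = orders_for_customer(conn, "Alice")
    injected = orders_for_customer(conn, "Alice' OR '1'='1")
    return benign, injected


if __name__ == "__main__":
    print(render_assistant_reply(SAMPLE_REPLY))
    print(dispatch_tool_call('{"tool": "lookup_order", "args": {"order_id": "A1"}}'))
    try:
        dispatch_tool_call('{"tool": "run_shell", "args": {"cmd": "id"}}')
    except ToolCallRejected as exc:
        print("rejected:", exc)
    print(sql_demo())
```

The common thread is that every string the model produces is handled as untrusted input to the next component: encoded for the output context, matched against a fixed schema before it can cause an action, and bound as a query parameter rather than concatenated. The injection string in `sql_demo` returns no rows instead of every row, and the shell tool the model asks for simply does not exist in the registry.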