Microsoft 365 Message Center item MC1422060

MC1422060 - Microsoft Defender for Office 365: Prompt injection protection for email

Microsoft Defender for Office 365 introduces prompt injection protection to detect and block malicious email content targeting AI assistants. High confidence threats are auto-quarantined. Available to Plan 2 and Microsoft 365 E5 users, enabled by default from early July 2026. No action required; review workflows and inform teams.

Message Center ID
MC1422060
Category
plan For Change
Severity
normal
Services
Microsoft Defender XDR
Tags
New feature, User impact, Admin impact
Published
2026-07-09
Last updated
2026-07-09
Expires
2026-10-08

[What and Why]We are introducing prompt injection protection for email in Microsoft Defender for Office 365. This capability detects and blocks malicious prompt injection content embedded in email messages that attempt to manipulate AI assistants and agents. It helps protect enterprise data by identifying attacks designed to exfiltrate information, discover tools, or expose system prompts. High confidence threats are automatically quarantined before they can be processed by AI powered workflows. This enhancement strengthens enterprise ready AI security and aligns with evolving threat patterns.[Rollout Schedule]Public Preview: Beginning early July 2026 and expected to complete by early September 2026General Availability (Worldwide): Beginning early September 2026 and expected to complete by early September 2026[Impact on Your Organization]Who is affectedOrganizations with Microsoft Defender for Office 365 Plan 2 or Microsoft 365 E5Platforms and services Exchange Online, Microsoft Defender for Office 365, Microsoft Defender XDR servicesWhat will happenEmails identified as prompt injection will be classified as High Confidence Phish.A new Detection Technology value called Prompt Injection Protection will be applied.High confidence threats will be automatically quarantined.The feature is enabled by default for eligible tenants.Existing policies and workflows remain unchanged.These detections will appear within existing threat investigation and reporting experiences in Microsoft Defender.[Action Required / Recommendations]No action is required.Recommended actions:Review your submission and quarantine workflows.Use the Microsoft Defender submission process if false positives occur.Use Tenant Allow Block List if needed to manage exceptions.Inform your security and helpdesk teams about the new detection category.Learn more: Prompt injection protection in Microsoft Defender for Office 365 | Microsoft Defender for Office 365 | Microsoft Defender | Microsoft Learn[Compliance considerations]No compliance considerations identified, review as appropriate for your organization.