MC1422060 - Microsoft Defender for Office 365: Prompt injection protection for email

Message Center

Summary

Microsoft Defender for Office 365 introduces prompt injection protection to detect and block malicious email content targeting AI assistants. High confidence threats are auto-quarantined. Available to Plan 2 and Microsoft 365 E5 users, enabled by default from early July 2026. No action required; review workflows and inform teams.

Published

Jul 9, 2026

Service

Microsoft Defender XDR

Tag

New feature
User impact
Admin impact

More information

What and Why

We are introducing prompt injection protection for email in Microsoft Defender for Office 365. This capability detects and blocks malicious prompt injection content embedded in email messages that attempt to manipulate AI assistants and agents. It helps protect enterprise data by identifying attacks designed to exfiltrate information, discover tools, or expose system prompts. High confidence threats are automatically quarantined before they can be processed by AI powered workflows. This enhancement strengthens enterprise ready AI security and aligns with evolving threat patterns.

Rollout Schedule

  • Public Preview: Beginning early July 2026 and expected to complete by early September 2026
  • General Availability (Worldwide): Beginning early September 2026 and expected to complete by early September 2026

Impact on Your Organization

Who is affected

  • Organizations with Microsoft Defender for Office 365 Plan 2 or Microsoft 365 E5

Platforms and services

  •  Exchange Online, Microsoft Defender for Office 365, Microsoft Defender XDR services

What will happen

  • Emails identified as prompt injection will be classified as High Confidence Phish.
  • A new Detection Technology value called Prompt Injection Protection will be applied.
  • High confidence threats will be automatically quarantined.
  • The feature is enabled by default for eligible tenants.
  • Existing policies and workflows remain unchanged.
  • These detections will appear within existing threat investigation and reporting experiences in Microsoft Defender.

Action Required / Recommendations

No action is required.

Recommended actions:

  • Review your submission and quarantine workflows.
  • Use the Microsoft Defender submission process if false positives occur.
  • Use Tenant Allow Block List if needed to manage exceptions.
  • Inform your security and helpdesk teams about the new detection category.

Learn more: Prompt injection protection in Microsoft Defender for Office 365 | Microsoft Defender for Office 365 | Microsoft Defender | Microsoft Learn

Compliance considerations

No compliance considerations identified, review as appropriate for your organization.