During the April 5 event, Microsoft highlighted that are people who store passwords in plain-text format. In fact, some store passwords in Notepad and save them as a .txt file, which is not a good security practice as passwords should be hashed. With Sun Valley 2, Microsoft is planning to offer phishing protection at the operating system level.
Windows 11’s new security feature uses Microsoft Defender SmartScreen, which is already integrated into the operating system and provides protection against malicious apps or browser extensions. In version 22H2 or newer, Microsoft Defender will provide protection against phishing using its AI-powered detection technology.
The purpose of the new phishing feature is to protect users from phishing attacks by identifying when users are entering the credentials in apps like Notepad and malicious programs, and it alerts users via a pop-up that appears on the screen above the open apps or tabs.
So how does this work? In theory, Windows 11’s Smart Screen protection works at the kernel level and it is able to tell when you are entering your password into any app. It can also detect passwords in input forms on websites trying to replicate an original site, such as Microsoft or Facebook.
This would ensure that only trusted apps are run and block attacks on Windows 11 devices by default.
“We’re also looking ahead to bring the power of the cloud to hardware with the flexible, updatable Microsoft Pluton security processor. We’re thrilled with the ecosystem progress to date,” Microsoft said during the event.
New anti-phishing protection will be offered out-of-the-box for Windows 11 users starting with Sun Valley 2 and Windows would become the first operating system in the world to phishing protection at the kernel level.
In the past, Microsoft has blocked 25.6 billion brute force authentication attacks and detected or blocked 35.7 billion phishing emails using Microsoft Defender for Office 365.
Microsoft Azure or Office users are constantly under attack and Microsoft will be using its expertise in that area to improve Windows 11’s phishing protection, therefore making sure users’ passwords are always secure.