Microsoft fixes Windows 11’s two-year-old security bug that turns off Phishing protection


Phishing Protection in Windows 11 used to turn off on reboot, especially when using a PIN, but this week’s security release fixes it.

One of the most reported and frequently observed issues in Windows 11 is a bug where phishing protection would reset and turn off automatically when you reboot your computer. For some reason, it looks like Microsoft has had enough of the complaints, and it has finally fixed it.

KB5007651, which is the latest security update for Windows Defender, finally fixes an issue where Phishing Protection in Microsoft Defender SmartScreen keeps turning off whether you use a school, personal or work account. This happens when you reboot your PC and use Windows Hello with a PIN.

For those unaware, you can find the toggle under Reputation-based protection > Reputation-based protection settings.

Phishing protection in Windows 11

The catch is that the above toggles related to the Phishing Protection would turn off automatically when you use Windows Hello with a PIN and reboot your PC. As per Microsoft’s documentation, that’s an intended behaviour. In the document, Microsoft explains how the feature works when you sign in with a password.

Phishing protection feature alerts you if you type or paste your school or work password into a known malicious site, reuse your password in unsafe ways, or store it in plain text.

The documentation also states:

When a user signs in to a device using a Windows Hello for Business PIN or biometric, Enhanced Phishing Protection does not alert the user or send events to Microsoft Defender for Endpoint (MDE).

In other words, it won’t provide the same alerts or telemetry if you sign in with a PIN/biometric. That effectively means Enhanced Phishing Protection isn’t active in the same way as when you sign in with a password. So yes, the documentation does say Phishing Protection does not work (no alerts or MDE events) when using a PIN.

However, the Windows Security app poorly handled how Phishing Protection works on Windows 11 when using a PIN. It’s always been confusing because you could turn on Phishing Protection, then it would turn off automatically, and you’d see the following error message, as previously spotted by Windows Latest:

Phishing protection error

As some Microsoft agents describe in a live chat, it’s a design flaw, as the Windows Security app doesn’t know what to do in such a case.

Many of us were frustrated because we had to switch it back on each time. In fact, I almost gave up and stopped looking after the settings.

But recently, KB5007651, the latest security update for Windows Defender, seems to have fixed this issue.

As some users noticed, and as Windows Latest confirmed in our own tests, you can now keep Enhanced Phishing Protection on even when you use the PIN to sign in to your PC.

This means the Phishing Protection feature won’t turn off automatically after you reboot your PC.

Windows Latest verified that the toggle now remains turned on in all versions of Windows 11.

The post Microsoft fixes Windows 11’s two-year-old security bug that turns off Phishing protection appeared first on Windows Latest