The new security setting does not solve prompt injection, but disables browsing, agents, connectors and other outbound channels that attackers need to exfiltrate data.
The important signal is not the announcement alone, but the numbers, timing and institutional choices behind it.
Sources:CocoLoop