Microsoft.WindowsCloudIOProtectionDriverSecuring Input for Windows 365 Cloud PCs
$ winget install --id Microsoft.WindowsCloudIOProtectionDriver --exact --version 0.0.693Run in Command Prompt, PowerShell, or Windows Terminal. Prompts for any agreements.
For Intune admins
Automated application patching for Microsoft Intune. Pckgr keeps a curated library of 1,000+ apps continuously up-to-date in your tenant via Microsoft Graph — no manual repackaging, no chasing vendor sites.
See Pckgr's app libraryWindows 365 Cloud PCs already encrypt sessions and enforce identity-based authentication methods like MFA to prevent hijacking and man-in-the-middle attacks. However, endpoint device resident threats targeting windows cloud sessions such as key loggers that can still compromise sensitive data, leading to compliance risks and financial loss.
Windows Cloud IO Protection addresses this gap with a kernel-level driver and system-level encryption that securely routes keystrokes directly to the Cloud PC, bypassing OS layers vulnerable to malware. When this feature is enabled on a Cloud PC or Azure Virtual Desktop session host, it enforces a strict trust model:
- Only protected endpoint physical devices can connect.
- Endpoints must have the Windows Cloud IO Protect MSI installed to be protected.
If the MSI is missing, the connection is blocked and an error message appears. This ensures a secure channel between the Windows app and the Cloud PC/Azure Virtual Desktop session host, delivering uncompromised input protection.
Copy a command tailored to that specific architecture, type, and scope - useful when winget would otherwise pick a different default.