Newsworthy Highlights |
Step-by-Step Compliance for the Cybersecurity Maturity Model Certification (CMMC)
If you are impacted by the Cybersecurity Maturity Model Certification (CMMC) this post is for you.
Microsoft 365 Government Community Call
Join Jay Leask and other members of the Government Community live on LinkedIn!
Where to Start with Microsoft Teams Apps in Gov Clouds
Customers in our Office 365 government clouds, GCC, GCCH, and DoD, are continuing to evolve how they do business in the hybrid workplace. As Microsoft Teams is the primary tool for communication and collaboration, customers are looking to improve productivity by integrating their business processes directly into Microsoft Teams via third-party party (3P) applications or line-of-business (LOB)/homegrown application integrations.
Microsoft 365 Government Adoption Resources
Empowering US public sector organizations to transition to Microsoft 365
Release News |
We are adding a new option under the "Export" menu for Microsoft Lists: Export to Power BI
We are making some updates to improve SharePoint pages authoring and an update for the Office theme in Classic SharePoint to align the presentation with the application experience
Walkie Talkie usage and performance report gives Teams admins an overview of Walkie Talkie activity ...
Teams device store enables admins to discover, purchase and provision certified devices from Teams a...
Suggested files in Teams chat will help users attach a file to a conversation by suggesting the most...
Closed Captions will now be supported for embedded videos in PowerPoint Live for Teams – GCC March, ...
Microsoft Viva Insights Redesign - GCC April, GCCH & DoD March 22
Briefing and Digest Emails will roll-out to DoD and GCC-High
Licensing update for DLP protection in Microsoft Teams
Microsoft will retire Stream (Classic) on February 15, 2024. Certain parts of the service will retir...
Several Microsoft 365 connectors will be retired and will stop working for Teams and Outlook
References and Information Resources |
Microsoft 365 Public Roadmap
This link is filtered to show GCC, GCC High and DOD specific items. For more general information uncheck these boxes under “Cloud Instance”.
Stay on top of Microsoft 365 changes
Here are a few ways that you can stay on top of the Office 365 updates in your organization.
Microsoft Tech Community for Public Sector
Your community for discussion surrounding the public sector, local and state governments.
Microsoft 365 for US Government Service Descriptions
· Office 365 Platform (GCC, GCCH, DoD)
· Office 365 U.S. Government GCC High endpoints
· Office 365 U.S. Government DoD endpoints
· Microsoft Purview (GCC, GCCH, DoD)
· Enterprise Mobility & Security (GCC, GCCH, DoD)
· Microsoft Defender for Endpoint (GCC, GCCH, DoD)
· Microsoft Defender for Cloud Apps Security (GCC, GCCH, DoD)
· Microsoft Defender for Identity Security (GCC, GCCH, DoD)
· Azure Information Protection Premium
· Exchange Online (GCC, GCCH, DoD)
· Office 365 Government (GCC, GCCH, DoD)
· Power Automate US Government (GCC, GCCH, DoD)
· Outlook Mobile (GCC, GCCH, DoD)
Be a Learn-it-All |
Public Sector Center of Expertise We bring together thought leadership and research relating to digital transformation and innovation in the public sector. We highlight the stories of public servants around the globe, while fostering a community of decision makers. Join us as we discover and share the learnings and achievements of public sector communities. |
|
Microsoft Teams for US Government Adoption Guide
|
|
|
Message Center Posts and Updates for Microsoft Teams in GCC |
Looking for what’s on the map for Microsoft Teams and only Teams in GCC?
Go right to the GCC Teams Feature Communications Guide
Message Center Highlights |
SharePoint Online / OneDrive for Business
MC513050 — Export list as a dataset to Power BI
|
|
|
|
|
<30 Days |
|
|
Microsoft 365 Roadmap ID 117379
We are adding a new option under the "Export" menu for Microsoft Lists: Export to Power BI. With this feature, users can easily and quickly create a dataset based on their list in the Power BI service, in their environment of choice. Datasets are sources of data that are ready for reporting and visualization in Power BI.
When this will happen:
Targeted Release: We will begin rolling out mid-February 2023 and expect to complete by late February 2023.
Standard Release: We will begin rolling out late February 2023 and expect to complete by early March 2023.
How this will affect your organization:
All lists for work and school will see this change.
What you need to do to prepare:
You may want to inform your users of this change and update your internal documentation accordingly.
Additional information:
· Datasets in the Power BI service
· Quickly create a dataset from SharePoint
MC513976 — Improvements to SharePoint pages authoring
|
|
|
|
|
<30 Days |
|
|
Microsoft 365 Roadmap ID 117365
We are making some updates to improve SharePoint pages authoring. These updates include two changes to the text web part from multilingual proofing to better control over line spacing, and a change to how external images are handled in hero web part.
When this will happen:
Targeted Release: We will begin rolling these changes out in mid-February and we expect to complete rollout late February.
Standard: We will begin rolling this out in early March and we expect to complete rollout mid-March.
How this will affect your organization:
Proof text in multiple languages in text web part in pages
The Microsoft Editor Spellchecker, now integrated in SharePoint pages, will now be able to proof text in multiple languages. In addition to supporting the Page language, Editor now proofs in the M365 language and the Edge browser language. Any word in any of these three languages, will be spell checked appropriately.
More control over spacing in text web part in pages.
We’re changing the behavior for line spacing in the text web part. After the end of a line, pressing enter will create a new line right underneath the previous line. This is a change from the previous behavior where pressing enter created a new paragraph. This provides users more control over what their text looks like.
Change to external image support in Hero web part.
To improve rendering of the hero web part, we’re aligning to the image web part and removing support for external images. Instead recommend uploading the desired images to the site or leveraging the Stock images. Existing Hero web parts with external images will continue to work.
What you need to do to prepare:
There is no work required to prepare for the updates listed for SharePoint Pages authoring, however you might want to notify your users about this change and update your training and documentation as needed.
Add text, tables, and images to your page with the Text web part - Microsoft Support
Use the Hero web part - Microsoft Support
MC513663 — Site Activity web part update – GCCH & DoD
|
|
|
|
|
<30 Days |
|
|
With this recent update to the site activity web part, activity in your environment will now be displayed in the site activity webpart. This can include activities related to SharePoint, Planner, Exchange, and other Microsoft services.
When this will happen:
Standard Release: We will begin rolling out mid-March 2023 and expect to complete by end of March 2023.
How this affects your organization:
Your users will see new activity in the Site Activity web part, notification of this update can be sent for awareness if desired, but no action is required for these activities to appear for your organization.
What you need to do to prepare:
You may consider updating your training and documentation as appropriate.
MC512200 — SharePoint Platform: Theme updates
|
|
|
|
|
<30 Days |
|
|
Microsoft 365 Roadmap ID 101150
In an update to the Classic change the look experience, updates the images of the Office (blue) theme will be made to match the colors used. The Office theme images will transition from blue to teal to create consistency in the experience of what you select and the impact to the site.
When this will happen:
Standard Release: We will begin rolling out in late February and the rollout will complete by mid-March.
How this will affect your organization:
No action is required from you to implement this update. However, there are some visual differences that you and your organization might notice as detailed below.
Classic SharePoint theme update
Site owners will see an updated color scheme in the classic Change the Look for the Office theme. This update will provide consistency in the theme visualizations and the implantation of the default/Office theme when applied to the site.
Sample site in Change the Look Office details before:
Change the Look theme options before:
Updated Office Theme – Teal images
What you need to do to prepare:
There is no action needed to prepare, this will not impact any existing sites.
MC499439 — (Updated) Updated Files On-Demand Settings on Windows
|
|
|
|
|
<30 Days |
|
|
Microsoft 365 Roadmap ID 101520
Updated February 14, 2023: We have updated the rollout timeline below. Thank you for your patience.
We have an update to the OneDrive sync app advanced settings for Files On-Demand on Windows. Previously, a toggle was shown to allow users to opt out of Files On-Demand. After this change, users who have Files On-Demand enabled will no longer see that toggle. Instead, users will see two buttons: Download files as you open them and Download all files now.
When this will happen:
We will begin rolling out in mid-March (previously early February) and expect to complete rollout by early April (previously late February).
How this will affect your organization:
This change only affects users who have Files On-Demand enabled. There is no change at this time for users that have the feature disabled from OneDrive settings or by admin policy.
Previously, a toggle was shown to allow users to opt out of Files On-Demand. After this change, users who have Files On-Demand enabled will see two buttons:
· Download files as you open them: This is the default and recommended behavior. New files from the cloud are online-only by default, not taking up disk space. Files are downloaded to the device if a user opens them or chooses the option to "Always keep on this device" from the context menu in File Explorer. Files created on the device are available offline by default.
· Download all files now: This setting is equivalent to choosing the option to "Always keep on this device" from the context menu in File Explorer for the entire OneDrive folder. Selecting this option causes all files from the cloud to be downloaded, taking up disk space on the device. The behavior of this setting is equivalent to the legacy option of turning off Files On-Demand mode, with some improvements like updated icons.
What you need to do to prepare:
No action is required at this time. If you have documentation that describes how to disable the Files On-Demand setting, you will need to update it. For more information, please visit this page.
MC455520 — (Updated) SharePoint admin center: Streamlining management of site information across Teams and Microsoft 365 Groups
|
|
|
|
|
Rolled Out |
|
|
|
Microsoft 365 Roadmap ID 100053
Updated February 6, 2023: We apologize for the delay and have updated the rollout timeline below. Thank you for your patience.
SharePoint is updating the site detail panel to include Microsoft Teams and Microsoft 365 Groups information.
Standard Release: We will begin rolling out mid-November 2022 and expect to complete by late February (previously late-December).
How this will affect your organization:
Admins that have permissions to SharePoint, Teams and Groups admin centers can now manage all related attributes (membership, group name, description, etc.) from a single site detail panel in the SharePoint admin center 'Active Sites' tab. SharePoint admins with SharePoint only permissions will have read-only access to the new attributes.
What you need to do to prepare:
No preparation is required
MC403644 — (Updated) OneDrive: Sharing Experience - Share Menu Dropdown
Microsoft 365 Roadmap ID 83727
Updated February 14, 2023: Based on early feedback we have decided not to proceed with this change. Thank you for your feedback.
We’re updating the Share button in Microsoft OneDrive to provide easy access to additional sharing options. When you select Share in OneDrive for Business on Web, you'll see a contextual menu with all choices available to you for sharing files or folders with your teammates.
How this will affect your organization:
Users who interact with the OneDrive/SharePoint share control will be able to see this new Menu.
· Share link, Email link or Send link: Email the file link directly to a one or more recipients.
o Note: users may see one of three different notations until finalized.
· Copy link: Copy a link to share with recipients directly.
· Manage Access: View and manage who has access to your files or documents.
Note: Some users may see this feature before others in your organization.
What you need to do to prepare:
There is no action needed from you at this time. You may want to notify your users about this new capability and update your training and documentation as appropriate.
Power Platform
MC512527 — Secure Power Platform Environment Maker and Basic User security roles
|
|
|
|
|
<30 Days |
|
|
Beginning in March 2023, Power Platform Environment Maker and Basic User security roles will be made non-customizable. The update will be fully deployed by mid-April following our normal update process. For more information you can visit the Service Updates schedule.
How this will affect your organization?
We provide a set of predefined security roles to run out-of-the-box applications and services in alignment with the role customization policies across the Microsoft Cloud. This allows for a more consistent and reliable admin and user experience. These security roles are not customizable and align with our role customization policies across the Microsoft Cloud to drive a more consistent and reliable admin experience. If you have made changes to these security roles, your changes can be overridden during subsequent system updates.
To avoid interruption to your service or how you maintain the Power Apps Maker experience and your users' running applications, we are making the Environment Maker and the Basic User security role non-customizable.
What you need to do to prepare
If you have made changes to the Environment Maker or the Basic User security roles, you will need to plan to create a separate security role and copy from your updated roles.
To learn more:
· Secure environment maker and basic user security roles by making them non-customizable
Microsoft Viva
MC522480 — Send Praise from Viva Connections Dashboard
|
|
|
|
|
<30 Days |
|
|
Microsoft Roadmap ID 117378
Site owners/authors of Viva Connections can add the Praise card from Microsoft Insights on the dashboard, allowing employees to send praise to their colleagues. The Praise experience is the same experience as the one available within Microsoft Viva Insights today.
When this will happen:
We will begin rolling out in early March and expect rollout to be complete by late March.
How this will affect your organization:
Employees will be able to send Praise to their colleagues with the Praise card. This card will be available in the Connections dashboard toolbox.
What you need to do to prepare:
Site owners will need to add the Praise card manually to their organization's dashboard. Search for "Praise" in the dashboard toolbox. For additional information on the user experience, please visit this documentation.
We recommend updating any relevant training documentation.
MC516353 — Microsoft Viva: Topic Discovery Analytics to Show Sites Processed
|
|
|
|
|
<30 Days |
|
|
Microsoft 365 Roadmap ID 100060
This update will provide transparency on topic discovery through analytics, by showing the Sites processed counts in Microsoft Admin center.
When this will happen:
We will begin rollout in late February and expect to complete rollout by early-March.
How this will affect your organization:
SharePoint or tenant Admins will have access to Sites Processed analytics in Microsoft 365 Admin center. This will help Admins be aware of SharePoint sites being processed for Topics discovery to inform Knowledge Managers when they can begin reviewing Topics.
Note: Users or Knowledge Managers will not have access to these analytics.
What you need to do to prepare:
There are no additional steps needed to prepare.
MC500903 — (Updated) Microsoft Viva: Praise Highlights in Profile Card in Teams and Outlook
Microsoft 365 Roadmap ID 109551
Updated February 7, 2023: We have made the decision to not proceed at this time. Thank you for your patience.
Praise in Microsoft Teams is designed to appreciate the effort that goes into the wide-ranging, collaborative work that Teams users do. Users can send praise to their colleagues through the messaging extension pinned to the Teams messaging bar or through the Microsoft Viva Insights app in Teams. For both, admins can use the Microsoft Teams admin center to enable/disable Praise.
With updates coming soon, praises received will be highlighted on a user’s profile card in Teams and Outlook. There are settings available for users that prevent praise highlights from being visible on their profile card.
How this will affect your organization:
When a user receives praise, the title and note will be visible on their profile card in Team and Outlook People in their organization whom they have emailed, chatted, or met with in the past year will be able to view their praise details.
Users can go to settings in their Viva Insights app in Teams and switch the praise visibility toggle off to disable praise highlights from showing.
What you need to do to prepare:
Refer to Praise with Viva Insights | Microsoft Docs which will be updated in sync with this roll out.
Microsoft Teams
MC523057 — Collaborate in Teams Meetings with Excel Live in GCC-H and DoD
|
|
|
|
|
|
30-60 Days |
|
Microsoft 365 Roadmap ID 116897
With "Excel Live," you can share and collaborate with Excel workbook in a meeting. This is handy when you want to get work done with your colleagues in a meeting, it seamlessly turns the meeting window canvas to an Excel workbook collaboration without having to move between windows and screens.
When this will happen:
GCCH: We will begin rolling out in early April and expect to complete rollout by late April.
DoD: We will begin rolling out in early May and expect to complete rollout by late May.
How this will affect your organization:
To begin collaborating with Excel workbook:
1. While you are in a meeting, open share tray and scroll down to the Excel Live section.
2. Select the Excel workbook from the most recently used file that you want to share and collaborate with others in the meeting. If you are not able to find the Excel workbook, you can also use 'Browse OneDrive' or 'Browse my computer' to select the workbook.
3. Once the workbook is selected the share permission dialog will appear. Click share to provide access to people invited to the meeting.
4. The file will be loaded for all participants in a Teams meeting window and will be ready for editing.
Supported scenarios:
· Excel Live is supported on Desktop, Mac, and Mobile. Web support is coming soon.
· The feature is enabled by default. Specific IT admin controls will be available soon.
What you need to do to prepare:
There is no action needed to prepare for this change. You may want to notify your users about this change and update any relevant documentation as appropriate.
MC523053 — Microsoft Teams: Explicit Recording Consent for Teams Meetings
|
|
|
|
|
|
30-60 Days Phased |
|
Microsoft 365 Roadmap ID 107781
Microsoft Teams is going to support an Explicit Recording Consent meeting policy. When the policy is applied, the Teams meeting window will request explicit consent of all participants to be recorded. Before a user gives consent, the user’s audio, video, and screenshare/consent-share won’t be captured in the meeting recording.
When this will happen:
Standard and GCC: We will begin rolling out in late March and expect to complete rollout by mid-April.
GCC-High: We will begin rolling out in late April and expect to complete rollout by early May.
DoD: We will begin rolling out in late May and expect to complete rollout by early June.
How this will affect your organization:
Explicit Recording Consent is OFF by default and is an IT admin policy-controlled feature. Admins can choose to enable the feature either for the entire tenant or for specific individuals based on their business needs.
When the policy is applied, Teams meetings set up by these individuals will request explicit consent from all participants to be recorded.
Before a user gives consent, their audio, video, and screenshare/content-share will be disabled during the meeting. This will prevent their audio, video, and screenshare/content-share from being recorded.
Participants' consent is logged and can be accessed as part of the Attendance Report.
What you need to do to prepare:
You may want to update your training materials indicating that this policy is now supported.
Admins can use PowerShell to enable or disable this feature using the following examples, and the Teams Admin Center will soon support the policy setting as well.
Set-CsTeamsMeetingPolicy -Identity Global -ExplicitRecordingConsent "Enabled"
Set-CsTeamsMeetingPolicy -Identity Global -ExplicitRecordingConsent "Disabled"
Please keep in mind of the following dependencies and limits when deciding to enable the feature:
1. The feature relies on Attendance Report; for customers who have disabled the Attendance Report, end users will not be able to enable their mic, camera, or screensharing/content-sharing when a recording is started. If you are unable to enable Attendance Report, we recommend waiting for a future update.
2. To avoid disruptions for end-users, they should be using the most recent version of Teams.
3. In meetings requiring explicit consent, users joining from unsupported endpoints, such as older client versions and CarPlay, will not be able to enable their mic, camera, or screenshare/content-sharing during recording.
4. Teams meeting rooms user and PSTN users can still get recording notifications as of today, but they cannot provide explicit recording consent, and their consent data will be logged as "not applicable" or "auto consent".
MC521468 — Open-sourcing Microsoft Teams sample Power Apps
|
|
|
|
|
Rolled Out |
|
|
|
In 2020, we released Microsoft Teams sample apps to help our customers accelerate adoption of Power Apps in Teams. We also received many requests for new functionality and customizations and love the passion our customers have for our sample app ecosystem.
We are excited to announce that we will fully open source all the Power Apps sample apps for Teams. This will empower the passionate open-source community to invest further in customizations, new capabilities, and even additional apps – and to share them with everyone.
When will this happen:
Available now
How this affects your organization:
You can acquire these sample apps from the Teams Store to GitHub (GitHub - microsoft/teams-powerapps-app-templates: Sample Teams app built by Power Apps). The Power Apps Teams personal app will continue to showcase these samples and direct users to GitHub to download and install them in Teams. This aligns with our broader Microsoft effort to engage with the open-source community.
What you can do to prepare:
You may consider updating your training and documentation as appropriate.
In the future, we will look to add more open-source samples and app templates to contribute further to the ecosystem. We’re excited for what the community will create from these sample templates!
MC520319 — Microsoft Teams Rooms on Android User Experience Update 1 2023
|
|
|
|
|
<30 Days |
|
|
Microsoft 365 Roadmap ID 119621, 119620, and 119622
This update introduces several new features for Teams Rooms on Android that improve the meeting join, content sharing, and hybrid collaboration experiences.
When this will happen:
Roll out to production starts early March 2023 and is expected to be completed by April. Note that there can be a delay between when features are released by Microsoft and when they become available on a device model and make. If an update isn't available on your device, check with your device manufacturer for information on when it might become available.
How this will affect your organization:
Join Teams meeting with ID
Users can enter any valid meeting ID and passcode to join a Teams meeting from a Teams Room, making meeting join easier for participants when the room is uninvited to the meeting.
Meet app updates
Users can quickly start an ad-hoc meeting in the room with a tap using the Meet button on home and invite participants to the new meeting. P2P and group calling functionalities are moved under the Call application.
Room reservation extension
During a meeting, in-room users can extend the existing room reservation when the room is available within their desired timeframe. Users can find the option to extend the room reservation on the More menu located at the meeting utility bar. Admins can turn on the “Extend room reservation” setting in the device settings to enable this feature.
Front row
Front row is a layout designed to enhance hybrid meetings for in-room participants: users can see remote attendees at eye level, making the interaction more natural between participants regardless of whether they are in-room or remote. Meeting chat is seen on the right panel and, for dual screens, raised hands are displayed on the left panel for increased visibility. Admins can set front row as the default layout in the device settings. Users can also select front row from the layout switcher on the meeting utility bar.
Meeting chat in Gallery, Large gallery, and Together mode
To promote inclusion, users can choose to show meeting chat on the front of room display in any meeting layout using the layout switcher. Admins can disable the "Show meeting chat" setting in the device settings if needed.
HDMI auto share controls
Admins can control the automatic sharing of HDMI content in a room with the “Automatically share to the room display” setting in the device settings. Admins can disable this setting to require users to tap "Share" after plugging in the HDMI or USB-C cable before content sharing begins. Otherwise, HDMI content is automatically presented to the room display in and out of a meeting by default once users plug in an external source via HDMI ingest.
HDMI audio share
In-room users can share PC system sound when sharing content via HDMI in and out of a meeting. PC system audio is played locally through the room speakers and added into the conference sound for remote participants to hear. If needed, in-room users can turn off audio-sharing in a meeting from the Share menu so that PC system audio does not play into the meeting but continues to play locally. Admins can turn off the “Include audio” setting in the device settings to disable PC system audio from being passed via HDMI.
Annotations
When a participant who’s joining from their desktop initiates an annotation session, in-room users can see the annotations made by other meeting participants on top of the shared content. In-room users can also add annotations using a touch display when the permissions set by the presenter allows other participants to do so. More information on how to use annotations can be found here.
Watermark-enabled meetings support
Teams Premium licensed meeting organizers can safeguard confidential meetings by enabling watermark. Watermark-enabled meetings will show the room account applied as a watermark on top of supported shared content and the video participants' camera stream to deter leaks. More details about this Teams Premium feature are found here.
What you need to do to prepare:
Please plan on updating all Microsoft Teams Rooms on Android in your tenant to the latest version through the Teams Admin Center. Once devices are updated, you can control new functionalities through the device settings and notify your users about these new capabilities and update your training and documentation as appropriate.
MC519241 — Introducing the Simplified Left Navigation Feature in Teams Admin Center
|
|
|
|
|
<30 Days |
|
|
Microsoft 365 Roadmap ID 98394
Teams Admin Center is now equipped with a new feature to simplify the navigation process for IT administrators. The new Simplified Left Navigation feature allows administrators to pin their preferred menu options to the navigation panel, reducing clutter and streamlining the process of finding the information they need. With the click of a button, administrators can easily add or remove menu items from their pinned list, and then view their customized navigation by clicking the "Show Pinned" button.
When this will happen:
Rollout will begin in mid-March and is expected to be complete by late March.
How this will affect your organization:
1. Administrators will notice an added "Show Pinned" button in the left side navigation panel of the Teams Admin Center.
2. Administrators can pin or unpin any menu item by clicking the Pin icon next to the name of the menu item.
3. Once customization is complete, administrators can view their preferred menu items by clicking the "Show Pinned" button.
What you need to do to prepare:
You may want to notify your Teams administrators about this new capability and update your training documentation as appropriate.
MC517341 — (Updated) Microsoft Viva Insights App in Teams with Personal Insights for GCC High
|
|
|
|
|
<30 Days |
|
|
Microsoft 365 Roadmap ID 101521, 106095, 109529
Updated March 2, 2023: We have updated this message to ensure visibility for all organizations. The content below has not changed.
Personal insights are becoming available in GCC High through the Microsoft Viva Insights app in Teams and on the web as well as via emails from Microsoft Viva. These include:
· Productivity experiences to help users get work done more effectively, such as
o Meeting habits: Users can reflect on their habits or practices in meetings they organized and accepted over the past four weeks.
o Suggested tasks: users can see task suggestions based on unread documents, Teams chats and meetings that might require follow up in one place.
· Time management and wellbeing experiences to help users practice mindfulness, such as
o Focus time: users can schedule time for focused, uninterrupted work in the week before it fills up with meetings.
o Virtual commute: users can schedule a virtual commute to help them mindfully disconnect from work.
o Quiet time: users can configure quiet time to silence after-hours mobile notifications from Teams and Outlook
o Praise: users can schedule reminders to send praise to their top collaborators and build a habit of sharing gratitude.
o Reflect: users can schedule reminders to check in on how they are feeling and privately reference their personal reflection history.
· Inspiration library: Users can access thought leadership articles from industry experts to gain inspiration on topics about wellbeing.
· A semi-monthly Digest email from Microsoft Viva that surfaces work pattern insights to help employees understand and improve their work habits over time.
Viva Insights is designed to protect privacy. The personal insights in the app and emails from Microsoft Viva are visible only to the individual; others cannot access the personalized information displayed through these surfaces unless the individual purposefully and independently shares it.
(Privacy guide, GDPR compliance).
When this will happen:
Rolling out to GCC High beginning in late March or April 2023.
How this will affect your organization:
Beginning in late March or April 2023, customers with Microsoft 365 G1, G3 or G5 in GCC High will start to see a new service plan called “Insights by MyAnalytics” as part of the services assigned to users. If you wish to disable this new service, please follow these instructions.
What you need to do to prepare:
· The Viva Insights app in Microsoft Teams will be available to users with provisioned Exchange Online mailboxes and access to Microsoft Teams.
o Please see Admin tasks for the Viva Insights app for how the app is made available to users. You can block the app by following the instructions on Manage your apps in the Microsoft Teams admin center.
o You can deploy and pin the Microsoft Viva Insights app in Microsoft Teams for all the users or for specific groups in your organization through custom policies.
o User Control: If the app is not disabled through admin policy, users can search for “Viva Insights” in the Teams App store and add the app to Microsoft Teams. If the app is already installed, the user can pin the app to the left navigation pane for easier access.
· The Viva Insights app on the web will be discoverable via insights.viva.office365.us and the Microsoft 365 app launcher on https://www.office365.us/. There are no installation requirements to access Viva Insights web app.
· Enable access to Viva Digest Emails explains how admins can configure access to the Digest emails.
MC517333 — Teams Help App Pops Out by Default
|
|
|
|
|
<30 Days |
|
|
In Teams, the Help app provides Teams guidance and support content. Previously, the Help app opened in full screen mode, filling the Teams window. With this update, Help will open as a pop out, in a separate window. This experience will allow users to view help content alongside what they are working on in Teams.
When this will happen:
We will begin rollout in early March and expect to complete rollout by late March.
How this will affect your organization:
The Help app can be accessed from the question mark icon in the app bar, on the bottom left side of the Teams application. When a user selects ‘Topics’, ‘Training’, or ‘What’s new’, the Help app will launch in a separate window. The pop out feature is available for Teams on desktop only, not Teams on web.
What you need to do to prepare:
There is nothing you need to do at this time to prepare for this feature. We recommend you update any relevant training documentation as appropriate.
MC517332 — Microsoft Teams: App Support In Channel Meetings
|
|
|
|
|
<30 Days |
|
|
Microsoft 365 Roadmap ID 81122
With this update, apps will be support in channel meetings in Microsoft Teams.
When this will happen:
We will begin rollout in early March and expect rollout to be complete by late March.
How this will affect your organization:
Meeting organizers and participants will be able to add apps to channel meetings for better collaboration and engagement.
What you need to do to prepare:
There is no action required from you at this time. You may want to consider updating your training and documentation as appropriate.
MC516905 — Microsoft Teams: Join Meetings from Calendar View on Apple CarPlay
|
|
|
|
|
|
30-60 Days Phased |
|
Microsoft 365 Roadmap ID 114306
Users will soon be able to view upcoming meetings and join meetings via the new meetings view on Apple CarPlay with Teams after connecting iPhone to vehicles that support Apple CarPlay.
When this will happen:
Production and GCC: We will begin rollout in mid-March and expect to complete rollout by late March.
GCC-High and DoD: We will begin rollout in early May and expect to complete by early June.
How this will affect your organization:
Users in your organization will be able to view upcoming meetings and join meetings via the new meetings view on Apple CarPlay.
Tapping the Teams icon will bring users to the new calendar view where they can see upcoming meetings for that day, see progress bars indicating meeting progress, and an icon on the right indicating Teams online meetings that they can join via CarPlay.
Users can choose to join a meeting by tapping a meeting event.
What you need to do to prepare:
No specific action is required as this will be available to all Teams users and not gated by an admin policy. For additional information, please visit this page.
MC515531 — (Updated) Pronouns on Profile Cards in Microsoft Teams and Outlook Web
|
|
|
|
|
<30 Days |
|
|
Microsoft 365 Roadmap ID 86382 and 115511
Updated February 21, 2023: We have updated the rollout timeline below. Thank you for your patience.
We’re adding a new feature to the profile card in Microsoft 365. Users in your organization will soon be able to add pronouns directly to their profile card in Outlook on the web and Teams. Pronouns are the words we use to replace someone's name in a sentence, such as “he,” “she,” or “they” in English.
When this will happen:
Targeted Release: Rollout will begin late February.
GA: Rollout will begin in late March (previously early March) and is expected to be complete by early April (previously late March).
How this will affect your organization:
The ability to allow people in your organization to display their pronouns on the profile card is OFF by default for your tenant. If elected, after you have turned pronouns ON, it is optional for users to add pronouns to their profile.
Pronouns will be shown next to the name in the top section of the profile card in Outlook on the web and Teams. Pronouns will be visible to everyone in your organization. If you want people in your organization to have the option of adding pronouns to their profile, you will have to turn pronouns ON for your tenant.
What you need to do to prepare:
Whether or not to share or publicly display pronouns is always up to an individual. Pronouns should never be assigned by a person to another person. It should be up to the person using them to decide when, where, and which pronouns are used – including whether to use this feature, should it be turned on.
Knowing someone’s pronouns does not always equate to knowing their gender identity. Administrators are encouraged to understand any applicable local laws, regulations, and cultural norms that may pose additional risks to employees should their pronouns be publicly displayed and take this into consideration as a decision is reached whether to or not to turn on this feature.
If the feature is utilized, it is recommended that internal and/or external subject matter experts in transgender inclusion be engaged to consider how pronoun display can complement (not substitute) more comprehensive efforts to support transgender communities in your organization.
Once pronouns roll out, you may want to notify your users about this new capability and update your training and documentation as appropriate.
See our available documentation below:
· For Admins: Pronouns in Microsoft 365
· Pronouns on your profile in Microsoft 365
· Frequently Asked Questions About Pronouns
MC514979 — Enabling New Call Controls with Survivable Branch Appliance
|
|
|
|
|
Rolled Out |
|
|
|
Microsoft 365 Roadmap ID 111421
In the event of a network outage, users will soon have access to new call controls with Survivable Branch Appliance. Users will be able to use contact search, dial by name, and initiate a call from their call history. When connected to the same SBA and network, VoIP calls to peers will be routed through PSTN if the call recipient has an associated phone number.
When this will happen:
Rollout will begin in mid-February and is expected to be complete by late February.
How this will affect your organization:
There is no change required by admins to enable this feature. It will be enabled automatically. For additional information, please visit this documentation.
MC514081 — Microsoft Teams: Ultrasound Howling Detection in Teams Meetings
|
|
|
|
|
|
30-60 Days |
|
Microsoft 365 Roadmap ID 92391
Currently in Microsoft Teams, when multiple users are in a Teams meeting in the same room, a feedback loop is created, causing an echo. With this update, if multiple users are participating with laptops from the same location, Teams will notify the user that another Teams device has been detected nearby and is already included with audio in the current meeting. Teams will automatically mute the microphone and speakers of the person that joined when a user joins with audio on.
When this will happen:
Preview: We will complete rollout in late February.
Standard Release and GCC: We will begin rolling out in early March and expect to complete rollout in late March.
GCC-High: We will begin rolling out in early April and expect to complete rollout in late April.
DoD: We will begin rolling out in early May and expect to complete rollout in late May.
How this will affect your organization:
When a user wants to join a meeting that has other participants in it already that are physically in the same room, the user will be notified before joining the meeting that several people have joined the meeting and that the speaker and microphone switch will be turned off to prevent any echo. The user can turn the switch back on at any time if they wish.
It will be available on Teams Desktop client for Windows and macOS.
What you need to do to prepare:
You may want to consider updating your training and documentation as appropriate.
MC513664 — Suggested Files in 1:1 Chats
|
|
|
|
|
|
30-60 Days |
|
Microsoft 365 Roadmap ID 95065
As an extension of Suggested Replies in 1:1 chats, you can now easily save time when you need to send a file in a chat by tapping on a "Share file" suggestion.
When this will happen:
Standard Release: We will begin rolling this out early March 2023
GCC: We will begin rolling this out early March 2023
GCC-High: We will begin rolling this out early April 2023
DoD: We will begin rolling this out early May 2023
How this will affect your organization:
Once available, users will be able to tap on a "Share file" action in chat whenever intent is detected to send a file.
What you need to do to prepare:
This feature ships default on; review Manage messaging policies in Teams.
If you wish to disable this feature in your tenant, please disable the Suggested Replies setting that is found in Messaging Policies.
Users also have a setting within the app so they can disable the feature.
MC513049 — Video Closed Caption in PowerPoint Live
|
|
|
|
|
<30 Days |
|
|
Microsoft 365 Roadmap ID 114494
Closed captions will soon be supported for embedded videos in PowerPoint Live for Teams. Video closed captions in PowerPoint Live will be rolling out across Microsoft Teams Desktop and Web and will allow PowerPoint Live users to create accessible presentations that include video.
When this will happen:
We will begin rolling out to PowerPoint Live users in early-March and expect to complete rollout by mid-March.
GCC will begin roll out in March, GCCH in April, and DoD in May.
How this will affect your organization:
When creating a PowerPoint presentation in PowerPoint for Windows or PowerPoint for Mac, users have the option to include a closed captions file with their video (as shown below).
When the presentation is shared via PowerPoint Live for Teams, any embedded video that includes closed captions stored in a separate file will automatically include the option for attendees to turn on closed captions.
When closed captions are turned on, they will appear at the bottom of the slide, as shown below:
When no closed captions are available for a video, the closed captions button will be disabled.
What you need to do to prepare:
To prepare for this change, you may want to notify your users about the new support for video closed captions in PowerPoint Live for Teams, update your training and documentation as appropriate, and encourage your users to make their PowerPoint presentations more accessible by adding closed captions for their embedded videos.
MC512625 — Microsoft Teams: Support PSTN Attendees in Meetings to Join Breakout Rooms – DoD & GCCH
|
|
|
|
|
<30 Days |
|
|
Microsoft 365 Roadmap ID 115504
This Breakout Rooms feature in Microsoft Teams enables PSTN participants to be assigned and join breakout rooms. PSTN participants includes dial-in users, dial-out users, and call-me users.
When this will happen:
We will begin rolling out in early March and expect to complete by mid-March.
How this will affect your organization:
Scenarios supported in this version:
· PSTN participants can be assigned to breakout rooms (Manually or automatically)
· PSTN participants can join breakout rooms and hear an announcement.
· PSTN participants can join back to the main room and hear an announcement after breakout rooms are closed. (Manually closed or timer ends)
What you need to do to prepare:
No preparation is needed. You may want to update your training materials indicating that PSTN users are now supported.
MC512212 — Teams Device Store in Teams admin center - Now available in United Kingdom
|
|
|
|
|
<30 Days |
|
|
Experiencing Microsoft Teams combined with Teams certified devices ensure equitable meetings and calling across spaces, with high-quality audio and video optimized for your organizational needs. This feature enables exploring certified Teams devices and direct procurement through Teams admin center, where admins can discover and purchase these devices.
The functionality is currently available for USA and Canada customers and is being extended to customers in United Kingdom through this release.
When this will happen:
Rollout will begin in early March and is expected to be complete by late March.
How this will affect your organization:
For UK customers, this new feature will appear as an additional option in your Teams Admin Center left navigation bar, ‘Device store’, and will allow admins to access all Teams certified devices from a single place. Admins can search, sort or filter to browse through the catalog and find the device of their choice. They can then place an order through credit cards or purchase orders.
For USA and Canada customers, device store will now support UK catalog and purchase option through the country selector available within the store.
What you need to do to prepare:
You do not need to do anything to prepare. The Teams device store will be enabled by default and is limited to Teams Admin Center. For more information, please visit this page.
MC512207 — Microsoft Teams Rooms Licensing Support in Teams admin center
|
|
|
|
|
Rolled Out |
|
|
|
Microsoft has recently introduced new Microsoft Teams Rooms Pro and Microsoft Teams Rooms Basic licenses for Teams Rooms on Windows, Teams Rooms on Android, and Surface Hub devices.
To support these new licenses, Teams admin center now offers:
· The ability to view license information for Teams Rooms and Surface Hub devices.
· Differentiated management capabilities based on the license assigned to a device.
When this will happen:
We will begin rolling out in early February and expect to complete rollout by mid-February.
How this will affect your organization:
Teams Rooms and Surface Hub devices assigned with Microsoft Teams Rooms Pro and Microsoft Teams Rooms Basic licenses can be managed using capabilities offered by each license, as described in our public documentation.
Teams Rooms and Surface Hub devices assigned with Microsoft Teams Rooms Standard and Microsoft Teams Rooms Premium licenses can be managed with capabilities that were released on or before January 1, 2023, until their license subscription ends.
User licenses that have been assigned to Teams Rooms and Surface Hub devices need to be replaced by a Teams Rooms Basic or Teams Rooms Pro license prior to July 1, 2023. Meeting devices that have a user license after July 1, 2023, will be blocked from signing in until a Teams Rooms license is assigned, as described in our public documentation.
What you need to do to prepare:
Admins managing the devices do not need to do anything at this point. These changes will take effect automatically. If there are any questions regarding licenses or manageability of these devices, please feel free to reach out.
MC503298 — (Updated) Microsoft Teams: Simplified App Update Experience
|
|
|
|
|
|
30-60 Days |
|
Microsoft 365 Roadmap ID 95676
Updated February 23, 2023: We have updated the rollout timeline and provided additional information. Thank you for your patience.
Microsoft Teams now maintains an index of all of the apps (and the corresponding versions) a user has consented to. Using this index, an app is automatically updated in real time everywhere it is installed for the user. After the user updates the app in any one context, the updated version is available in all other installed contexts, without any other user action.
When this will happen:
Standard: We will begin rollout in mid-April (previously late February) and expect rollout to be complete by mid-May (previously mid-March).
GCC, GCC-H, DoD: We will begin rollout in mid-May (previously mid-March) and expect rollout to be complete by mid-June (previously mid-April).
How this will affect your organization:
Admins can set policies for app installation and if an app that the admin has pre-installed for their organization has an app update, the app will be automatically updated unless there are changes to RSC permissions or if app developers make one or more the following changes to their apps (Role of an admin in upgrading Teams apps😞
· Add a bot. Change the ID of the bot using the botId property.
· Change the isNotificationOnly property of an existing bot that may change the bot's notifications.
· Change SupportsCalling, SupportsVideo, and SupportsFiles properties of an existing bot to add capability to call, play video, and upload or download files.
· Add or remove permissions in authorization.
· Add or remove a messaging extension, add a group tab, add a connector, or add a channel.
· Change parameters in the webApplicationInfo in the manifest file.
With the simplified app update experience, apps are automatically updated based on the admin policies defined by you.
For apps that require users to accept new permissions, the app details page has a What's new tab that highlights any changes to the app. This tab mentions any required updates to permissions.
Users can keep their apps updated to the latest version by upgrading just one time. Badging appears beside Manage your apps at the bottom of the Apps pane, and beside the Apps tab on the Manage team page.
Apps with pending updates are automatically sorted to the top in the Manage your apps pane.
What you need to do to prepare:
Admins do not need to take any action to enable this feature in their organizations. For additional information, please visit this page.
MC501981 — (Updated) Microsoft Teams: Automatic lowering of a user's Raised Hand after speaking
|
|
|
|
|
|
30-60 Days |
|
Microsoft 365 Roadmap ID 90022
Updated February 9, 2023: We have updated the rollout timeline below. Thank you for your patience.
Teams will soon have a feature that will alert attendees in meetings that have raised their hands and already had their questions addressed to automatically lower their hand. This will allow meeting organizers the opportunity to focus on unanswered questions.
This release will be rolling out only to Microsoft Teams Desktop users.
When will this happen:
Public Preview will roll out in mid-February (previously early February).
Rolling out to Production will begin in mid-March and expect to complete rollout by late March.
GCC will begin rolling out in late March and complete by early April.
GCC-H will begin rolling out in late April and complete by early May.
DoD will begin rolling out in early May and complete by mid-May.
How this will affect your organization:
Users who raise their hand in a Teams meeting and speak in the meeting will see a notification informing them that their hand will automatically be lowered soon. They will be able to choose to keep their hand raised. If the user doesn't take action on the notification, their hand will automatically lower. This should ensure smoother meeting facilitation for organizers and presenters.
What you need to do to prepare:
You may want to notify your users about this new capability and update your training and documentation as appropriate.
MC499441 — (Updated) The Room Remote feature for desktop
|
|
|
|
|
<30 Days |
|
|
Microsoft 365 Roadmap ID 95482
Updated February 14, 2023: We have updated the rollout timeline below. Thank you for your patience.
The Room Remote feature enables touchless meetings by allowing users to control a nearby shared meeting room device from their Desktop/PC with Teams client.
This feature was first launched on Mobile and will now be available on your Desktop device formfactor.
When this will happen
Rollout is expected to start mid-February (previously mid-January) and will complete late March (previously mid-March).
How this will affect your organization
This new feature will be automatically available on the Teams Desktop Client on your Windows Desktop PC so long that the Room Remote feature is enabled on the shared meeting room device and in TAC.
What you need to do to prepare
No preparation work required.
MC496629 — (Updated) Changes coming to how dialed phone numbers are matched to users – GCCH & DoD
|
|
|
|
|
|
|
>60 Days |
Updated March 3, 2023: We are updating this message to include additional phone number formats impacted by the upcoming change. We are also postponing the roll-out of the change because it came to our attention that not all impacted customers had been informed about this change. Thank you for your patience.
Starting beginning of July 2023 Microsoft will be changing how numbers dialed by Teams users or arriving from the PSTN match the number assigned to users. This process is often referred to as Reverse Number Lookup (RNL).
The change applies to users with an assigned phone number with an extension using the following formats:
· Where the last several digits of the base number are also added as the extension. For example, +14025557334;ext=334, where 334 is both included in the base number and as the extension.
· Where both the base number and extension are unique for each user. For example, +14025557253;ext=3111 and +14025556567;ext=3112
· Where the base number is common, and the extension is unique for each user. For example, +14025557000;ext=111 and +14025557000;ext=112
The users configured with this type of phone number are either Teams users or Skype for Business Server on-premises users.
This may be a breaking change if your Teams dial plans and Direct Routing Session Border Controllers are not configured to convert dialed numbers into the full number assigned to the user including the extension.
When this will happen:
We will begin rolling out this change at the beginning of July 2023 and will be complete by mid-August 2023.
How this will affect your organization:
You might be impacted by the change, if you have users configured with phone numbers with extensions.
Today, when a call is made to a phone number, the lookup to see if that number is assigned to a specific user works as follows:
· if a call is made to +14025557334;ext=334, we will find the user configured with the phone number +14025557334;ext=334
· if a call is made to +14025557334, and there is no user configured with +14025557334, we will find the user configured with the phone number +14025557334;ext=334.
This can be an issue in situations where the same base number is used for multiple users. For example:
· User Alice is assigned +14025557000;ext=111
· User John is assigned +14025557000;ext=112
If a call is made to +14025557000, and there is no user configured with +14025557000, we would match to the first user found with +14025557000 as a base number (Alice in this case).
Based on customer feedback, we are changing the matching logic to be an exact string match between the called number and the full phone number configured for a user.
After the change, in the above examples, we will not find a user configured with the phone number +14025557334, +14025557253 or +14025557000 and calls to those number will not match to a user instead of potentially being routed to the wrong person.
What you need to do to prepare:
If you have users configured with phone numbers with the extensions, to prevent calls not being matched to the intended user, please ensure that dialed numbers from Teams users and incoming PSTN calls are formatted to exactly match the full phone number configured on the user accounts.
Check that your tenant dial plans include normalization rules that can translate abbreviated dial strings to the full phone number configured on users. In example above, the following phone number normalization rule will translate a dialed 3-digit number to the full phone number configured on the users to ensure calls will succeed:
· Pattern ^(\d{3})$ and Translation +14025557$1;ext=$1
Check that any phone number manipulation/translation rules used on your Direct Routing Session Border Controller are capable of making the translation to the full phone number configured on your users.
For more information, see:
· Create and manage dial plans
· Translate phone numbers to an alternate format
MC495330 — (Updated) Microsoft Teams: Video Filters in Teams Meetings
|
|
|
|
|
<30 Days |
|
|
Microsoft 365 Roadmap ID 86811
Updated February 7, 2023: We have updated the content below for clarity. Thank you for your patience.
Video Filters are a new feature in Microsoft Teams meetings that will allow participants to augment their video stream with visual effects, such as frames and styles. These filters are built on the Teams Platform infrastructure and provided by Microsoft first- and third-party partners as apps and displayed as a collection of filters.
When this will happen:
· Public Preview: We will complete rollout in late January 2023.
· Standard Release and GCC: We will begin rolling out in early March (previously early February) and expect to complete rollout in late May (previously late April).
How this will affect your organization:
Users can browse and select video filters from the pre-join screen and in-meeting scenarios. During pre-join, users can access Video filters from the quick tray when they have the camera enabled. After joining a meeting, users will be able to apply effects from the meeting toolbar with the camera fly-out window or navigate all Video filters options on the side pane by clicking the Video effects button under the More menu.
To apply video filters, users will need to give consent to install the apps.
Note: The video filters can be enabled/disabled by app level from the Tenant Admin Center. Additionally, these apps will not be available in EDU tenants.
What you need to do to prepare:
You may want to consider updating your training and documentation as appropriate.
MC494734 — (Updated) Teams update: Expanded view of the profile card in Teams
|
|
|
|
|
<30 Days |
|
|
Microsoft 365 Roadmap ID 109526
Updated February 23, 2023: We have updated the rollout timeline below. Thank you for your patience.
Beginning in March, users in your organization will be able to use expanded views of the profile card in Teams. The expanded view is already available in Outlook and includes more information, like an overview of the profile, contact information, organizational chart, and LinkedIn tab.
When will this happen:
We will begin rolling out this feature in early March (previously February) and expect to complete the rollout in late April.
What you need to do to prepare:
No preparation is needed for this change. For more information about what users can see on profile cards, see Profile cards in Microsoft 365.
MC450203 — (Updated) My Activity retirement in Teams desktop and web clients
|
|
|
|
|
<30 Days |
|
|
Updated February 28, 2023: We have updated the timeline below. Thank you for your patience.
As announced in MC411679 (August '22) we are retiring "My Activity" feature within the Activity app from Microsoft Teams desktop and web clients.
Activity will now support only activities directed to you (the option to view activities initiated by you will be retired), where we will continue to invest our development resources.
When this will happen:
We will begin rolling this out mid-March (previously late February) and expect to complete by late March (previously mid-March).
How this affects your organization:
Once this change is implemented Teams desktop and web client users will no longer see the "My activity" dropdown.
What you can do to prepare:
You may consider updating your training and documentation accordingly.
MC428506 — (Updated) Expanded reactions in Teams
|
|
|
|
|
<30 Days |
|
|
Microsoft 365 Roadmap ID 88080
Updated February 9, 2023: We have updated the rollout timeline below. Thank you for your patience.
This update will allow users to apply any emoji as a reaction to chat or channels messages. Users can choose from over 800 existing Teams emojis to express themselves the way they want. Browse all the reaction options or use the search bar to the find the reaction you want.
This feature update will also be delivered with a new reactions user experience to support the expanded reactions options. The reaction hover bar will now feature a reduced number of quick hover options to make space for an expanded reaction button. The reaction summary will also be moved from the top right of the message to the bottom of the message bubble to make space for the wide range of options that can now be added.
This will be available for Teams desktop apps (Windows and Mac), Teams mobile (Android and iOS), and Teams on the web.
When this will happen:
Preview: We will begin rolling out mid-September and expect to complete by late September.
Standard release: We will begin rolling out mid-December 2022 (previously mid-November 2022) and expect to complete by mid-March (previously late January).
How this will affect your organization:
No action is required from tenant admins. Users will continue to be able to use the existing reactions, along with the expanded set. The feature does not have any associated settings or ability to enable/disable the feature. Users will also experience a new reactions UX to support the expanded experience.
Reaction Menu: Hover over a message to show the reaction menu.
Open picker: Click on the expanded reactions button to open the full menu and browse all the emojis and reactions available.
Reaction summary: Once you select a reaction, it will be shown in the reaction summary starting from the bottom left of the message.
Reaction list: Hover over a reaction bubble to see who added this reaction. You can also click on reaction bubbles to add (or remove) this same reaction with a single click.
Channels: This feature will be available on both chat and channels.
What you need to do to prepare:
You might want to notify your users about this new capability and update your training and documentation as appropriate.
MC397435 — (Updated) Microsoft Teams: Start a Teams Chat with Distribution Groups, Mail-Enabled Security Groups, and O365 Groups
|
|
|
|
|
Rolled Out |
|
|
|
Microsoft 365 Roadmap ID 62354
Updated February 21, 2023: We have updated the timeline below. Thank you for your patience.
You will now be able to start a Teams Chat with Distribution Groups, Mail-enabled Security Groups, and O365 Groups. This feature will respect the limits on members in a group chat, currently set to 250 members.
Organizations rely on Distribution Lists (DLs) as a tool to create groups of users that mirror organizational knowledge and workflows. Bringing this awareness to target audiences for specific content will enhance the core Teams experience. Allowing our customers to leverage DLs can increase workflow efficiency and bridge the gap between legacy knowledge of organization structure and a new Teams structure.
When this will happen:
GCC: Rollout complete
GCC-H and DoD: Expect to begin in early February and complete by early March.
How this will affect your organization:
With this update, users will now be able to select Distribution Lists as an audience to begin a chat within Teams.
Admins will be able to toggle this feature on or off for their tenant in the Teams admin center.
This feature will support starting a chat with Distribution lists, Office 365 groups or mail enabled security groups
As a part of this feature user can only initiate chat if Distribution lists, Office 365 groups or mail enabled security groups having <=250 members. This feature does not allow to initiate chat in situation where member list is >250
What you need to do to prepare:
There is nothing you need to do to prepare for this change. You may want to notify your users about this change and update your training and documentation as appropriate.
MC395422 — (Updated) Cameo in PowerPoint Live
|
|
|
|
|
TBD |
|
|
|
|
Microsoft 365 Roadmap ID 87725
Updated March 3, 2023: We are delaying this release to GCC-High and DoD organizations to ensure an optimal experience. We will communicate via Message center when we are ready to proceed. Thank you for your patience.
With Cameo in PowerPoint Live, users will be able to integrate Teams camera feed into PowerPoint presentation and customize how and where they want to appear on slides.
Cameo supports all personalization properties like any other Office graphical object such as those offered by Pictures, Gifs and Shapes. This includes layering Cameo between content, adding motion effects such as morph, changing styles, shapes etc.
Limitation: - Cameo in PowerPoint Live will not be shown in the recording, web or mobile clients.
When this will happen:
· Production will begin rolling out in early September 2022 and expect to complete by mid-September 2022.
· GCC will begin rolling out mid-December 2022 (previously early December 2022) and expect to complete by end of December 2022 (previously mid-December 2022).
· GCC-High and DoD we will communicate via Message center when we are ready to proceed.
How this will affect your organization:
Cameo will allow users to insert and fully customize their camera feed directly within PowerPoint slide prior to joining a Teams meeting. Once joined in Teams meeting, users will be able to share PowerPoint Live and see their video integrated into slides.
What you need to do to prepare:
You may consider updating your training and documentation as appropriate.
Microsoft Intune
MC517323 — Plan for Change: App protection and configuration reporting updates
|
|
|
|
|
<30 Days |
|
|
Previously mentioned in MC458650, there are several upcoming changes to app protection and configuration reports to improve and simplify the reporting experience in Microsoft Intune. We will be updating the App protection status report and adding a new report, App configuration status. These reports will have robust filtering allowing you to achieve more slices of data while working from the same report. They will replace the following reports:
· User report
· App report
· User configuration report
· App configuration report
Additionally, we will be removing the following reports (located on the current App protection status report summary view):
· Flagged users
o Note: We recommend leveraging compliance reports to determine which devices/users do not meet your organization’s compliance policies, such as jailbroken or rooted devices. For more information, see documentation for Monitor results of your Intune Device compliance policies.
· Users with potentially harmful apps
o Review documentation for additional system security options.
These changes are expected with Intune's March (2303) service release. At the time of this change or soon after, the corresponding Graph API’s will also be removed.
How this will affect your organization:
After this change, to monitor app protection policies and app configuration policies, leverage the filtering capabilities that will be available for the updated App protection status and new App configuration status reports.
What you need to do to prepare:
Update your documentation, as needed. Change any scripts that call these Graph APIs. Otherwise, no action is required, only awareness.
Additional information:
How to monitor app protection policies
MC487009 — (Updated) Plan for Change: Updates to device hardware details for iOS/iPadOS devices
|
|
|
|
|
TBD |
|
|
|
|
Updated February 9, 2023: Based on customer feedback, we have rolled back the change to device hardware details for multi-SIM support that was released with the 2301 service release. The Model attribute update is still expected in an upcoming release: https://aka.ms/IntuneID.
In an upcoming release, we are making a couple of updates to the device hardware details available for iOS/iPadOS devices. To support devices that have multiple SIM cards installed, the following attributes will default to using labels returned by the device, such as: Primary, Secondary, CTSubscriptionSlotOne, CTSubscriptionSlotTwo. For example, Primary: 123456, Secondary: 456789. Note: These labels may be displayed in the language of the local device that is reporting its inventory to Intune.
· ICCID
· IMEI
· MEID
· Phone number
Additionally, the 'Model' attribute will be updated to show the size and generation of the device. For example, instead of iPad Pro 3 it will show iPad Pro 11-inch (3rd generation).
How this will affect your organization:
If you are using automation to report on the above device hardware details, you may need to update your automation to accommodate these updated values.
What you need to do to prepare:
Update your documentation and reporting as needed, otherwise no action is required. Stay tuned to What's new in Microsoft Intune for the release.
Microsoft Defender
MC523056 — Built-in DLP content inspection engine retirement
|
|
|
|
|
<30 Days |
|
|
We are retiring the ability to configure new policies with the Built-in DLP engine from Defender for Cloud Apps/file policy configuration starting March 2023. Instead, we recommend the utilization of DCS (Data Classification Service) content inspection engine, which is where we will continue to invest our development resources. This engine is Purview's content engine and will bring the best capabilities for our users.
When this will happen:
We will be rolling this out starting in mid-March and expect to complete by late March.
How this affects your organization:
You are receiving this message because our reporting indicates your organization may be affected by this change.
Note - active file policies containing Built-in DLP will continue to work as expected, though - we highly recommend our users to start shifting all policies to use the DCS engine.
Administrators will no longer be able to configure new policies with the Built-in DLP engine, when this change is implemented.
What you need to do to prepare:
Instead of using Built-in DLP content inspection engine in file policies, we recommend using DCS.
Review - Microsoft Data Classification Services integration
Microsoft Purview
MC522570 — Microsoft Purview compliance portal: Updates to Sensitive Information Types (SITs) definitions
|
|
|
|
|
|
30-60 Days Phased |
|
In our continued efforts to be in line with latest published definitions, and to improve the accuracy of out-of-the box sensitive information types (SIT), we have updated the definition of 4 existing SITs.
When this will happen:
Rollout will begin in late February and is expected to be complete by mid-May – see table below for expected timing on each SIT update.
How this will affect your organization:
These improvements will roll out to the following existing SITs:
What you need to do to prepare:
No action is required to prepare for this update. Your existing policies (including DLP policies) need not be changed; you may wish to update internal documentation as appropriate.
Get started with sensitive information types in the Microsoft Purview compliance portal:
· Microsoft Purview compliance portal for WW and GCC cloud environments
· Microsoft Purview compliance portal for GCC-High cloud environments
· Microsoft Purview compliance portal for DoD cloud environments
Learn more: Sensitive information type entity definitions
MC521457 — Microsoft Purview Data Lifecycle Management: New cmdlet for disposition review
|
|
|
|
|
<30 Days |
|
|
Microsoft 365 Roadmap ID 106102
We're releasing a new PowerShell cmdlet for Microsoft Purview Data Lifecycle Management to support export of items for disposition review.
When this will happen:
Rollout will begin in mid-March and is expected to be complete by end of April.
How this will affect your organization:
This cmdlet allows admins to export a list of disposition review items that are either pending review or already disposed for a specific retention label. It can also be used to retrieve a list of disposed items for a specific record label. The disposition review UI supports exporting a maximum of 50,000 items. This cmdlet does not impose that same limitation.
What you need to do to prepare:
Get started with Data Lifecycle Management in the Microsoft Purview compliance portal:
· Microsoft Purview compliance portal for WW and GCC cloud environments
· Microsoft Purview compliance portal for GCC-High cloud environments
· Microsoft Purview compliance portal for DoD cloud environments
Learn more:
· New cmdlet for disposition review
· PowerShell cmdlets for retention policies and retention labels
MC520317 — Microsoft Purview Data Loss Prevention: Support for complex conditions (GA)
|
|
|
|
|
<30 Days |
|
|
Microsoft 365 Roadmap ID 103620
Currently available in public preview (MC489169) for Microsoft Purview Data Loss Prevention (DLP), we're introducing support for complex conditions as part of a new DLP rule authoring experience.
When this will happen:
Rollout will begin in mid-March and is expected to be complete by early April.
How this will affect your organization:
With this new DLP rule authoring experience, you will be able to create complex conditions while configuring your Microsoft Purview Data Loss Prevention policies. You will be able to create conditions with AND/OR combinations with the ability to create groups to achieve condition combinations like A AND (B OR C).
What you need to do to prepare:
Get started with Data Loss Prevention in the Microsoft Purview compliance portal:
· Microsoft Purview compliance portal for WW and GCC cloud environments
· Microsoft Purview compliance portal for GCC-High cloud environments
· Microsoft Purview compliance portal for DoD cloud environments
Learn more: Learn about data loss prevention
MC515536 — Microsoft Purview | Data Lifecycle Management and Records Management – Microsoft Graph APIs for extensibility
|
|
|
|
|
<30 Days |
|
|
Microsoft 365 Roadmap ID 88276
As a part of our extensibility vision and first release to Microsoft Graph, we are introducing three new APIs for retention labels, events, and event types in the Microsoft Graph beta environment. These APIs will enable you to customize and extend on what we have built in the product so far.
These APIs can be used by compliance admins and developers to manage retention labels in Data Lifecycle and Records Management solutions.
When this will happen:
Rollout will begin in late February and is expected to be complete by end of April.
How this will affect your organization:
If your organization needs to automate any operation related to retention labels or events, we recommend you achieve this by using the new Graph APIs instead of using PowerShell cmdlets. With Graph, we use REST APIs that support better security, extensibility, and app authentication features.
The three APIs are available under the security node and the endpoints to access them are as follows:
What you need to do to prepare:
Permissions
Currently, these APIs are supported through delegated permissions only, which are managed through the Graph interface. We are introducing two new permissions which you will need to access these APIs:
· recordsmanagement.read.all
· recordsmanagement.readwrite.all
Licensing
Access to Data Lifecycle Management and Records Management features varies based on your Microsoft 365 license level. See Microsoft 365 guidance for security & compliance - Service Descriptions for licensing requirement details.
Get started with Data Lifecycle Management and Records Management in the Microsoft Purview compliance portal:
· Microsoft Purview compliance portal for WW and GCC cloud environments
· Microsoft Purview compliance portal for GCC-High cloud environments
· Microsoft Purview compliance portal for DoD cloud environments
Learn more:
· Use the Microsoft Graph records management API
· Create retention labels for exceptions
· Start retention when an event occurs
MC515529 — Microsoft Purview compliance portal: eDiscovery PowerShell cmdlet support for certificate-based authentication
|
|
|
|
|
<30 Days |
|
|
Microsoft 365 Roadmap ID 106112
We are announcing eDiscovery PowerShell cmdlet’s official support for certificate-based authentication (CBA).
When this will happen:
Rollout will begin in late February and is expected to be complete by late March.
How this will affect your organization:
Many organizations rely on unattended scripts built using the security and compliance PowerShell cmdlet to automate eDiscovery workflow. In the past, any unattended script relied on basic authentication techniques where it required the user to store the username and password in a local file or in a secret vault accessed at run-time. This method is no longer recommended as it poses the risk of stolen credentials. See Deprecation of Basic authentication in Exchange Online.
eDiscovery cmdlets will support CBA or app-only authentication as described in this article by end of February 2023. It supports unattended script and automation scenarios by using Azure AD apps and self-signed certificates. Certificate-based authentication provides admins the ability to run scripts without the need to create service-accounts or store credentials locally.
We encourage all eDiscovery users who rely on basic authentication with their unattended script to migrate the script authentication to use CBA as soon as possible. Please note that Service Principal will be needed to run eDiscovery cmdlets. Refer to this article for the steps.
Note:
· This change will affect the authentication method of your organization’s eDiscovery unattended script.
· After basic authentication is changed to CBA your script should be more secure against potential attackers who may be interested in stealing your locally stored credentials.
What you need to do to prepare:
Assess if the changes will change your organization’s eDiscovery automation workflow. If so, you may wish to update internal documentation and script authentication and provide training to all eDiscovery users in your organization.
Get started with eDiscovery in the Microsoft Purview compliance portal:
· Microsoft Purview compliance portal for WW and GCC cloud environments
· Microsoft Purview compliance portal for GCC-High cloud environments
· Microsoft Purview compliance portal for DoD cloud environments
Learn more: App-only authentication in Exchange Online PowerShell and Security & Compliance PowerShell
MC499443 — Microsoft Purview Data Loss Prevention: Upcoming migration of policy sync engine for Exchange, SharePoint, and OneDrive
|
|
|
|
|
<30 Days |
|
|
Updated March 3, 2023: We have updated the rollout timeline below. Thank you for your patience.
We’re making changes to the Microsoft Purview Data Loss Prevention (DLP) Policy Synchronization API.
Starting mid-February 2023, we will replace and retire the legacy “Policy Sync Version V1” for DLP that applies to Exchange Online, SharePoint, and OneDrive for Business workloads and migrate all DLP policies from the previous “Policy Sync Version V1” to an upgraded “Policy Sync Version V2”.
When this will happen:
Rollout will begin in mid-February and is expected to be complete by late March (previously late February).
How this will affect your organization:
The DLP “Policy Sync Version V2” is a more secure and flexible solution that will enable you to access the latest and upcoming features across the entire Microsoft Purview Information Protection solution. This will be a back-end infrastructure upgrade activity that will be carried out by Microsoft.
Once this change is implemented, admins will see a “Last Modified Timestamp” column as the DLP policies* will be updated per the timestamp when Microsoft will be performing the migration on your consent. Changes will be visible in both PowerShell and the Microsoft Purview compliance portal (UX).
*Indicates DLP policies that are scoped to workloads – Exchange Online, SharePoint, OneDrive
What you need to do to prepare:
No action is needed to prepare for this change.
Get started with Information Protection and Data Loss Prevention in the Microsoft Purview compliance portal.
Learn more:
· Learn about data loss prevention
· Microsoft Purview Information Protection
MC455898 — (Updated) Microsoft Purview compliance portal | Retirement of Reports page
|
|
|
|
|
<30 Days |
|
|
Updated February 7, 2023: We have updated the timeline for this change.
We will be retiring the Reports landing page from the Microsoft Purview compliance portal by the end of March 2023.
How this will affect your organization:
Once this change is implemented, you will no longer see Reports as an option in the left navigation of the Microsoft Purview compliance portal. Labeling and Data Loss Prevention (DLP) reports will continue to be accessible via the relevant pages within the Data Classification solution area as indicated below.
Labeling reports
· Aggregate reports: Data Classification > Overview
· Detail reports: Data Classification > Overview
DLP reports
DLP rule match report: Data Classification > Activity Explorer (E5 license is required)
For other DLP reports, you can use the following cmdlets:
· Get-DlpDetectionsReport
· Get-DlpDetailReport
· Get-DlpIncidentDetailReport
· Get-DlpSiDetectionsReport
Cloud App Security reports
For Cloud App Security reports, please visit the Microsoft Defender portal.
What you need to do to prepare:
No action is needed to enable this change. You may want to inform users of the alternate locations for accessing these reports and update any documentation that references the retiring Reports page.
Access the Data Classification landing page in the Microsoft Purview compliance portal:
· Microsoft Purview compliance portal for WW and GCC cloud environments
· Microsoft Purview compliance portal for GCC-High cloud environments
· Microsoft Purview compliance portal for DoD cloud environments
Learn more: How to use the Microsoft data classification dashboard
Identity
MC523051 — Announcing Public preview - System preferred multi-factor authentication method
|
|
|
|
|
|
|
>60 Days Phased |
Today, various authentication methods are employed by users to provide varying levels of security. Depending on the situation, certain methods may be more secure than others, so it is important to have a range of options available to ensure the right level of security is provided.
Today we are announcing our solution for this challenge: System-preferred authentication for MFA –where we will evaluate at runtime, which is the most secure method for the user, of the methods the user has registered. This will help us move away from the erstwhile concept of the user selecting a ‘default’ method and always being prompted for that method first, even when more secure methods are registered and available.
When this will happen:
Public Preview: We will begin rolling out on March 1st, 2023.
How this will affect your organization:
In this feature, “System preferred multi-factor authentication method,” Microsoft will decide and prompt which among the user’s registered methods should be prompted for 2nd factor. This would be decided on run time and would be the best method of the methods registered at that given point in time.
This feature will be off by default, please enable this feature using MSGraph API. Once enabled, users will be required to sign in using the most preferred authentication method available.
This is an excellent approach for users to move away from the less secure telephony methods.
Presently the feature is in Private preview and the admins have the control to turn the feature On/Off using GraphAPI.
The public preview experience will be similar to the private preview where the admins will use the GraphAPI to turn on/off the feature. By the end of March, the admin screen will be available to the user. There would be a toggle available to configure the feature
At GA (in April), Microsoft managed will be set to "enable". Admins will have the UX and the toggle available
At GA+3 months (July), the toggle will be taken away from them and the feature will be enabled for all by default.
What you need to do to prepare:
Review the documentation to determine whether or not to enable for your organization.
· System-preferred multifactor authentication - Authentication methods policy
MC522581 — New My Groups Experience
|
|
|
|
|
|
30-60 Days |
|
We will be replacing the existing My Groups experience at mygroups.microsoft.com with a new and improved My Groups, now available at myaccount.microsoft.com/groups in mid-May 2023.
My Groups enables end users to easily manage groups, such as finding groups to join, managing groups they own, and managing existing group memberships. Based on customer feedback, we’ve also added:
· sorting and filtering on lists of groups and group members,
· a full list of group members in large groups, and
· an actionable overview page for membership requests.
When this will happen:
Beginning in mid-May and expect to complete by late May.
How this will affect your organization:
In May, users will no longer be able to access the existing My Groups and will need to adjust to the new experience. Today, end users can get the richer benefits of the new My Groups by proactively switching to myaccount.microsoft.com/groups. Navigation between the old and new experiences is available via notification banners on each site.
In May, the old experience will be retired. The previous URL (mygroups.microsoft.com) will redirect users to the new experience at myaccount.microsoft.com/groups.
In addition, in May, admins will not be able to restrict owners or users from accessing or using My Groups. Admins can still manage end users' ability to create Microsoft 365 and Security groups using the settings described here: Set up self-service group management in Azure Active Directory
What you need to do to prepare:
You may consider updating your training and documentation so users can adjust to the new experience.
Please click Additional Information to learn more.
MC498471 — (Updated) IPv6 coming to Azure AD
|
|
|
|
|
<30 Days Phased |
|
|
Updated February 9, 2023: We have updated the content below for clarity. Thank you for your patience.
With the growing adoption and support of IPv6 across enterprise networks, service providers, and devices, many customers are wondering if their users can continue to access their services and applications from IPv6 clients and IPv6 networks.
Today, we’re excited to announce our plan to bring IPv6 support to Microsoft Azure Active Directory (Azure AD). This will allow customers to reach the Azure AD services over both IPv4 and IPv6 network protocols (dual stack).
For most customers, IPv4 won't completely disappear from their digital landscape, so we aren't planning to require IPv6 or to de-prioritize IPv4 in any Azure Active Directory features or services.
When this will happen:
We’ve been gradually rolling out IPv6 for some of our services for a while. Starting in late March 2023 we'll begin enabling IPv6 for Azure AD authentication. We will introduce IPv6 support into Azure AD authentication in a phased approach, beginning late March 2023.
What you can do to prepare:
We have guidance below which is specifically for Azure AD customers, who use IPv6 addresses and also use Named Locations in their Conditional Access policies.
If you have public IPv6 addresses representing your network, take the actions that are described in the following sections as soon as possible.
Customers who use named locations to identify specific network boundaries in their organization, need to:
1. Conduct an audit of existing named locations to anticipate potential impact;
2. Work with your network partner to identify egress IPv6 addresses in use in your environment.;
3. Review and update existing named locations to include the identified IPv6 ranges.
Customers who use Conditional Access location based policies, to restrict and secure access to their apps from specific networks, need to:
1. Conduct an audit of existing Conditional Access policies to identify use of named locations as a condition to anticipate potential impact;
2. Review and update existing Conditional Access location based policies to ensure they continue to meet your organization’s security requirements.
Failing to follow these steps might result in the following impact:
1. Users of IPv6 addresses may be blocked, depending on your organization's Conditional Access policies and Identity Protection configurations.
2. False positive detections due to 'Mark as trust location' not being checked for your internal networks and VPN’s can result in users being marked as risky.
We will continue to share additional guidance on IPv6 enablement in Azure AD here: IPv6 Support in Azure Active Directory.
Learn more about Microsoft identity:
· Get to know Microsoft Entra – a comprehensive identity and access product family
· Return to the Microsoft Entra (Azure AD) blog home
· Share product suggestions on the Entra (Azure AD) forum
MC468492 — (Updated) Authenticator number matching to be enabled for all Microsoft Authenticator users
|
|
|
|
|
Rolled Out |
|
|
|
Updated February 16, 2023: Microsoft Authenticator app’s number matching feature has been Generally Available since Nov 2022! If you have not already leveraged the rollout controls (via Azure Portal Admin UX and MSGraph APIs) to smoothly deploy number matching for users of Microsoft Authenticator push notifications, we highly encourage you to do so. We had previously announced that we will remove the admin controls and enforce the number match experience tenant-wide for all users of Microsoft Authenticator push notifications starting February 27, 2023. After listening to customers, we will extend the availability of the rollout controls for a few more weeks. Organizations can continue to use the existing rollout controls until May 8, 2023, to deploy number matching in their organizations. Microsoft services will start enforcing the number matching experience for all users of Microsoft Authenticator push notifications after May 8th, 2023. We will also remove the rollout controls for number matching after that date.
Please note that we have changed the expected behavior for NPS extension to be even more admin friendly. NPS versions 1.2.2216.1+ will be released once Microsoft starts to enable number matching for all Authenticator users. These NPS versions will automatically prefer OTP based sign-ins over traditional push notifications with the Authenticator app. An admin can choose to disable this behavior and fallback to traditional push notifications with Approve/Deny by setting the registry key OVERRIDE_NUMBER_MATCHING_WITH_OTP Value = FALSE. Previous NPS extension versions will not automatically switch Authenticator push notification authentications to OTP based authentications. Please refer to the NPS extension section of the number match documentation for further information.
When this will happen:
Beginning February 27, 2023
How this affects your organization:
To prevent accidental approvals, admins can require users to enter a number displayed on the sign-in screen when approving an MFA request in the Microsoft Authenticator app. This feature is critical to protecting against MFA fatigue attacks which are on the rise.
Another way to reduce accidental approvals is to show users additional context in Authenticator notifications. Admins can now selectively choose to enable the following:
· Application context: Show users which application they are signing into.
· Geographic location context: Show users their sign-in location based on the IP address of the device they are signing into.
Number match behavior in different scenarios after 27-February 2023:
1. Authentication flows will require users to do number match when using the Microsoft Authenticator app. If the user is using a version of the Authenticator app that doesn’t support number match, their authentication will fail. Please make sure upgrade to the latest version of Microsoft Authenticator (App Store and Google Play Store) to use it for sign-in.
2. Self Service Password Reset (SSPR) and combined registration flows will also require number match when users are using the Microsoft Authenticator app.
3. ADFS adapter will require number matching on versions of Windows Server that support number matching. On earlier versions, users will continue to see the “Approve/Deny” experience and won’t see number matching till you upgrade.
Windows Server 2022 October 26, 2021—KB5006745 (OS Build 20348.320)
Windows Server 2019 October 19, 2021—KB5006744 (OS Build 17763.2268)
Windows Server 2016 October 12, 2021—KB5006669 (OS Build 14393.4704)
4. NPS extension versions beginning 1.2.2131.2 will require users to do number matching after 27-February 2023. Because the NPS extension can’t show a number, the user will be asked to enter a One-Time Passcode (OTP). The user must have an OTP authentication method (e.g. Microsoft Authenticator app, software tokens etc.) registered to see this behavior. If the user doesn’t have an OTP method registered, they’ll continue to get the Approve/Deny experience. You can create a registry key that overrides this behavior and prompts users with Approve/Deny. More information can be found in the number matching documentation.
5. Apple Watch – Apple Watch will remain unsupported for number matching. We recommend you uninstall the Microsoft Authenticator Apple Watch app because you have to approve notifications on your phone.
What you can do to prepare:
If customers don’t enable number match for all Microsoft Authenticator push notifications prior to May 8, 2023, users may experience inconsistent sign-ins while the services are rolling out this change. To ensure consistent behavior for all users, we highly recommend you enable number match for Microsoft Authenticator push notifications in advance.
Learn more at:
· Defend your users from MFA fatigue attacks - Microsoft Community Hub
Exchange Online / Defender for Office 365
MC522572 — Microsoft Defender for Office 365: Introducing the new Post-delivery Activities Report
|
|
|
|
|
<30 Days |
|
|
Microsoft 365 Roadmap ID 117516
The new Post-delivery activities report will provide you with information on all things Zero Hour Auto-Purge (ZAP). From the report, you can view messages that were initially delivered but were later moved due to a threat.
When this will happen:
Standard Release: We will begin rolling this out in early March and expect to complete rollout by late-March.
How this will affect your organization:
The new report will display all the ZAP events that occurred in your organization. If the verdict assigned to a message has been changed, the new report will display this updated data, making it easier to investigate the messages.
You can find the Post-delivery activities report under Email & collaboration reports.
What you need to do to prepare:
You may want to consider updating your training and documentation as appropriate.
You can review the following resources to learn more:
· View email security reports in the Microsoft 365 Defender portal
· View Defender for Office 365 reports in the Microsoft 365 Defender portal
· Introducing the New Post-delivery Activities Report in Microsoft Defender for Office 365
MC519232 — Attack Simulation and Training- Update to predicted compromise rate metric for tenant payloads
|
|
|
|
|
|
|
>60 Days Phased |
Attack Simulation Training under Microsoft Defender for Office is an intelligent phish risk reduction tool that measures behavior change and automates the deployment of an integrated security awareness training program across an organization. One of the most crucial elements in running a phishing simulation is the right selection of payload, to drive the right user behavior.
A core metric that can be used towards payload efficacy is predicted compromise rate (PCR) that predicts the percentage of people who will be compromised by this simulation (users compromised / total number of users who receive the simulation).
As part of this update, we are introducing an intelligent machine learning driven mechanism to predict a more accurate potential compromise rate if the payload was used within a simulation.
As part of this change, there will be 2 updates:
1. Updates to the PCR values for global payloads available within Content library -> Global payloads:
2. Introduction of an on-demand PCR calculation experience:
As part of the payload authoring experience, you can create your payload content and use the PCR machine learning model to determine the efficacy of your payload. This will be an addition to the existing experience and does not impact existing payload authoring experience.
When this will happen:
We plan to do a staggered rollout in following phases:
1. Updates to global payloads will start to roll out from 3rd week of February, and are expected to complete by mid-April
2. The on-demand PCR calculation for English language payloads will start to roll out from 1st week of March, and is expected to complete by end-April
3. The on-demand PCR calculation for non-English language payloads will start to roll out from 2nd week of April, and is expected to complete by end of June
How this will affect your organization:
As part of this update, you will see minor changes in the PCR value for payloads. You will also see a mechanism to calculate PCR values as part of your payload authoring experience. There are no changes to your simulation, training workflows or content library.
There is no impact to the end users within your organizations, and only updates the experience for admins with access to Attack Simulation and Training experience.
MC516348 — DMARC aggregate reports for enterprise
|
|
|
|
|
<30 Days |
|
|
Microsoft 365 Roadmap ID 109535
As part of the DMARC (Domain-based Message Authentication Reporting & Conformance) standard, the owner of the domain whose MX is pointed to Office 365 can request DMARC aggregate reports through the RUA of the DMARC record. This will help the domain owner to monitor their domain's traffic passing through Office 365 and adjust their sender authentication configurations to reach an actionable DMARC policy.
When this will happen:
Standard Release: We will begin rolling out mid-February and expect to complete by late March.
How this will affect your organization:
Domain owners will receive DMARC reports to RUA email addresses.
What you need to do to prepare:
DMARC reports are only sent to domains whose MX is pointed to O365. In order to obtain DMARC aggregate reports for your domain, it must have a valid DMARC record that includes a valid RUA email address.
You can learn more about DMARC here
MC505088 — (Updated) Microsoft Defender for Office 365: Quarantine Notifications enabled for Preset Security Policies
|
|
|
|
|
<30 Days |
|
|
Updated February 16, 2023: We have updated the content below for clarity. Thank you for your patience.
We are updating the recommended quarantine notification policy in the Standard and Strict preset security policies.
With the DefaultFullAccessWithNotificationPolicy, Users will receive quarantine notifications for emails quarantined due to the corresponding threat policy.
*Note that the Quarantine policy assigned here is ineffective since the delivery location is Junk folder
Here is what the quarantine notification looks like:
When this will happen:
We will begin rolling this out in mid-February 2023 and complete rolling out by mid-March 2023.
How this will affect your organization:
If your organization has enabled preset security policies, these will be automatically updated to include the quarantine notification policies (DefaultFullAccessWithNotificationPolicy) as listed in the above table for the standard and strict protection preset profiles.
What you need to do to prepare:
No action required. Please review the following links to learn more:
· What are quarantine notifications? Quarantine notifications (end-user spam notifications) in Microsoft 365 - Office 365 | Microsoft Lea...
· Specific controls set in Preset Security Policies: Microsoft recommendations for EOP and Defender for Office 365 security settings - Office 365 | Micro...
· We recommend enabling preset security policies for your organization: Steps to quickly set up the Standard or Strict preset security policies for Microsoft Defender for ...
MC447339 — (Updated) Quarantine Admin Role Required for Exchange Admins for Quarantine Operations
|
|
|
|
|
|
30-60 Days |
|
Updated February 7, 2023: We have updated the timing for this change. Thank you for your patience.
Tenant Exchange Administrators who visit the Quarantine Security Portal (https://security.microsoft.com/quarantine) need to be a Quarantine Administrator to perform Quarantine operations in the portal.
When this will happen:
Starting early June 2023 (prev early February 2023) we will stop honoring the execution of Quarantine operations by Exchange Administrators who are not Quarantine Administrators, Security Administrators or Global Administrators in the security portal
We will first provision a Quarantine Admin role for all Exchange Administrators who have performed Quarantine operations in the past on the security portal. This will allow those Exchange Admins to continue executing Quarantine operations successfully in the security portal in early to late May 2023 (early to late January 2023).
How this will affect your organization
Exchange Admins were able to perform Quarantine operations (such as release, delete, download, preview of quarantined messages) in the security portal on behalf of users in their organization without being in the Quarantine Administrator role. With this change, Exchange Administrators will also need to be assigned a Quarantine Administrators to perform these Quarantine operations.
What you need to do to prepare:
Admins should update their organization roles as they see fit and update and relevant training documentation.
Learn More:
· Manage Quarantined Messages and Files as an Admin in EOP
· Permissions in the Microsoft 365 Defender Portal
MC424901 — (Updated) Safe Attachments policy: Retire policy action ‘Replace’ for malware detections in attachments (Phase 1)
|
|
|
|
|
Rolled Out |
|
|
|
Updated February 9, 2023: We have updated the rollout timeline below. Thank you for your patience.
In Safe Attachments policies, ‘Replace’ is one of the actions that can be applied to messages that are found to contain malware. This action delivers only the message body without any of the original attachments. A replacement text attachment is added to the message to notify that the attachments were removed due to malware detection.
The ‘Replace’ action will be retired and will no longer be available in Safe Attachments policies. This retirement is implemented in two phases.
The first phase will start applying the ‘Block’ action behavior (quarantine the email) to existing policies with the ‘Replace’ action. This change will be applied automatically.
The second phase will remove the ‘Replace’ action selection from the Microsoft 365 Defender portal and related cmdlets. As part of this change, the ‘Replace’ action in any existing policies will be changed to the ‘Block’ action.
How this will affect your organization:
Once this change is rolled out, any Safe Attachments policies with the ‘Replace’ action will not be honored and the action of ‘Block’ will apply automatically.
The phase 1 change will start rolling out in late-September 2022 and worldwide deployment will be complete by late-October 2022.
Government: has begun rolling out and expect to complete by mid-February.
What you need to do to prepare:
There are no alternatives to the ‘Replace’ action post retirement. Review and update Safe Attachments policies with the ‘Replace’ action to a different action (for example, ‘Block’ or ‘Dynamic Delivery’) before the phase 2 rollout.
Please click Additional Information to learn more.
Safe Attachments policy settings
MC424899 — (Updated) MDO Safe Attachments Policy: Changes to Enable Redirect Functionality
|
|
|
|
|
<30 Days |
|
|
Updated February 9, 2023: We have updated this message to ensure visibility. The content below has not changed.
In Safe Attachments policies, the option Enable redirect forwards messages with detected attachments to the specified admin email address as an email attachment if the section is Block, Monitor, or Replace.
The change being introduced is to support Enable redirect only for the Monitor action. Enable redirect will no longer support the Replace or Block actions.
When this will happen:
GA: This change will begin rolling out in late September and will be completed by late October.
Government clouds: We will begin rollout in early-February and will be completed by mid-March.
How this will affect your organization:
Once this change is rolled out, Enable redirect will forward messages only for Safe Attachments policies configured with the Monitor action.
What you need to do to prepare:
There is nothing you need to do to prepare. You may want to notify your customers and update your training and documentation as appropriate. To learn more, please visit these links below:
· Safe Attachments policy settings
MC519224 — New Message Recall in Exchange Online rolling out now
|
|
|
|
|
<30 Days |
|
|
Microsoft 365 Roadmap ID 59438
The new Message Recall feature in Exchange Online is starting to roll out now and should be available to all Exchange Online tenants worldwide by mid-March. The new feature is more than twice as effective at successfully recalling messages than the classic Outlook for Windows Message Recall feature, and offers a single aggregated recall status report for each recall. Learn more here.
When this will happen:
We started rolling it out mid-February and expect to complete the roll-out by mid-March.
How this will affect your organization:
When your organization’s users with mailboxes hosted in Exchange Online try to recall a message we’ll use the new cloud-based message recall feature to recall the message instead of the classic Outlook for Windows client based feature. Your end-users will experience significantly higher recall rates than ever before, typically > 95% for messages to recipients within the organization.
What you need to do to prepare:
There’s nothing you need to do for your end-users to take advantage of this functionality, it’s automatically done for them in the cloud.
However, should you wish to disable the new cloud-based Message Recall for your organization, or disable recalling read messages, you can use the following Remote PowerShell cmdlets:
· Disable the new Message Recall for your entire tenant: Set-OrganizationConfig -MessageRecallEnabled $false
· Disable recalling read messages: Set-OrganizationConfig -RecallReadMessagesEnabled $false
The setting to disable recalling read messages is also available in the Exchange Admin Center: EAC > Settings > Mail flow
MC485091 — (Updated) Microsoft Bookings - Mobile Apps will not be available on Google Playstore and Apple App Store from 02/23/2023
|
|
|
|
|
Rolled Out |
|
|
|
Updated February 16, 2023: We've updated the rollout timeline below. Thank you for your patience.
Microsoft Bookings is part of Microsoft 365 suite of products and is available through most commercial SKUs. It is currently available on the Web - Microsoft Bookings, as a Teams App and also on Mobile Apps on Google Playstore and Apple App store.
Bookings will continue to exist on the web and as an App on Teams and there won’t be any loss of data for existing users.
When this will happen:
February 23, 2023
How this will affect your organization:
If your organization has users who use the Bookings Mobile Apps:
We initially communicated the app removal date of 11/30, which we have extended by 2 months. After January 31, the Bookings Mobile Apps on Google Playstore and Apple App store will no longer be available for download. Any new user who is searching for the Bookings App will not be able to find or install the Apps.
Any existing user (who already has the App installed), will be able to continue to use the App but will not receive any support or updates.
Users who want to access Bookings on their mobile devices are recommended to access Bookings web page (https://book.ms) through their mobile browser from 02/01 onwards.
If your organization does not have users who use the Mobile Apps:
There is no impact or loss of data.
MC468486 — Microsoft Defender for Office 365: Migration of quarantine notification frequencies
|
|
|
|
|
|
|
>60 Days |
Microsoft 365 Roadmap ID 93304
Updated February 14, 2023: We have updated the content below for clarity. Thank you for your patience.
This communication is an extension of the previous communication in MC383901
We are updating the frequency interval available for user quarantine notification.
When this will happen:
Standard: will begin rolling out in late November and be completed by late February 2023
Government: will begin rolling out in early June 2023 and be completed by late July 2023
How this will affect your organization:
Currently, these are the frequency interval available for user quarantine notification for Admins to choose from:
· Within 1 day
· Within 2 days
· Within 3 days - current default
· Within 4 days
· Within 5 days
· Within 6 days
· Within 7 days
· Within 9 days
· Within 10 days
· Within 11 days
· Within 12 days
· Within 13 days
· Within 14 days
· Within 15 days
With this change, these will be the new intervals:
· Within 4 hours
· "daily" - new default
· "Weekly"
For customers that currently have notification frequencies > 1 day and < 7days, we will migrate to 1 day (i.e daily)
For customers that currently have notification frequencies > 7 days, we will migrate to 7 days (i.e weekly)
What you need to do to prepare:
Admins should update their quarantine global policy configuration frequency as they see fit and training documentation
MC441064 — (Updated) Exchange Online Customizable Message Expiration Timeout Interval Coming Soon
|
|
|
|
|
<30 Days |
|
|
Microsoft 365 Roadmap ID 93315
Updated February 7, 2023: We have updated the rollout timeline below. Thank you for your patience.
A common request from Exchange Online admins is for the ability to customize the message expiration timeout interval for messages sent by users in their organization. When a message in Exchange Online can't be delivered or sent due to a temporary error, the message is queued for subsequent retries until either the message is delivered or sent, or until the message expires after the message expiration timeout interval has passed. In Exchange Online the service-wide default setting is 24 hours. With this update, we'll now give admins the ability to customize the message expiration timeout interval for their organization from 12 hours to 24 hours.
When this will happen:
We will begin rolling out in mid-October and expect to complete rollout by late December (previously late November). - Complete for WW and GCC organizations.
GCC-High and DoD: We will begin rolling out in late February (previously early February) and expect to complete by late March (previously early March).
How this will affect your organization:
If you change the default 24 hour message expiration timeout to a lower value, messages sent by your users that are queued for retry will expire faster, and they will receive a bounce message (NDR) faster. For example, customizing it to 12 hours means senders will receive a bounce message after only 12 hours of retrying a message that can’t be sent, instead of 24 hours.
What you need to do to prepare:
There is nothing you need to do to prepare for this.
Once the setting is available for your tenant if you want to change it for senders in your organization you can run the following Remote PowerShell cmdlet:
Set-TransportConfig
-MessageExpiration <12..24>
Microsoft 365
MC522573 — Custom Templates Available for Whiteboard
|
|
|
|
|
<30 Days |
|
|
Microsoft 365 Roadmap ID 98085
Saving and sharing templates in Microsoft Whiteboard allows you to create and save customized layouts and content that can be used to create new whiteboards quickly and efficiently.
When this will happen:
Rollout will begin in early March and will be completed by late March.
How this will affect your organization:
This feature is helpful if users frequently use the same type of whiteboard or have a specific layout in mind. These templates can be shared with other individual users or distribution lists. This feature is available for customers with WHITEBOARD_PLAN2 and WHITEBOARD_PLAN3.
What you need to do to prepare:
There is no action required. If you wish, you can share guidance with your users on how to use this feature. We recommend updating any relevant training documentation.
MC521464 — Microsoft 365 Apps no longer receiving security updates on Windows 7
|
|
|
|
|
Rolled Out |
|
|
|
As previously communicated in MC402939 (July '22), Microsoft 365 Apps is supported under the Modern Lifecycle Policy. Therefore, the apps are supported continuously given that customers stay current per the servicing and system requirements. These requirements include using Microsoft 365 Apps on an operating system currently in support.
While Microsoft 365 Apps is not supported on Windows 7 as of January 10, 2020, we committed to provide security updates for three more years. We wanted to remind you that those three years ended in January 2023.
How this will affect your organization:
Users running Microsoft 365 Apps on Windows 7 stopped receiving security updates after January 2023. Please remember that using unsupported software may increase an organization’s exposure to security risks or impact its ability to meet compliance obligations.
What you need to do to prepare:
To continue receiving security updates, you will have to migrate devices running Windows 7 to a supported OS. View the Windows and Office configuration support matrix.
MC519243 — (Updated) Message Vertical to be released to special clouds (GCC and GCC-H) in Office.com
|
|
|
|
|
<30 Days |
|
|
Microsoft 365 Roadmap ID 117389
Updated February 28, 2023: We have updated the rollout timeline below. Thank you for your patience.
Office.com users can now easily get messages from both Outlook and Teams that they previously shared with their colleagues. All they need to do is search for the particular communication and navigate to the messages tab. This feature which is currently available worldwide will now be available to GCC and GCC-H customers.
When this will happen:
Standard Release: We will begin rolling out this feature mid-March (previously late February) and expect to complete in mid-April (previously late March).
How this will affect your organization:
This feature will be shipped turned on by default and for organizations that don't use Teams or/and Outlook, there is an option to disable this from the Microsoft Admin Center. If your organisation uses both Team or/and Outlook, administrators do not need to do anything.
What you need to do to prepare:
Administrators need to inform their users about this new feature so that they can learn about it and use it to easily get Outlook and Teams messages when they are using Office.com without having to switch to the apps.
MC518729 — (Updated) Changes are coming to the Minimum Supported Browsers & versions for Microsoft 365 web apps
|
|
|
|
|
|
|
>60 Days |
Updated February 27, 2023: We have updated the content below for clarity. Thank you for your patience.
This initial communication is to notify customers that starting in July 2023, Office for the web users, using some unsupported browsers will no longer be able to connect to the Microsoft 365 web applications mentioned in the Service column of this Message Center communication.
How this will affect your organization:
Microsoft recommends customers plan ahead to ensure all devices in their organization are using a Microsoft 365 supported browser, and that browsers have been updated to the latest version. Microsoft 365 supported browsers are documented here:
· Microsoft 365 Supported Browsers: Which browsers work with Microsoft 365 for the web and Microsoft 365 Add-ins
· Microsoft Teams Supported Browsers: Get clients for Microsoft Teams
· Outlook for the web Supported Browsers: Supported browsers for Outlook on the web and Outlook.com
Microsoft recommends using a software inventory & management tool (i.e. System Center) to identify the browsers that are installed in your organization along with browser versions, and to ensure all devices have been upgraded to the latest version of a supported browser.
Over time, and as Microsoft releases new features for the Office web apps, customers will need to use supported versions of supported browsers. Starting July-2023, it is more likely that customers using unsupported browsers, or unsupported versions of supported browsers will have a degraded experience or be unable to connect to the Microsoft 365 web apps mentioned in the products affected section.
What you need to do to prepare:
Before this change takes effect, please ensure that all devices within your organization which use the Microsoft 365 web applications mentioned in the Products section of this communication, have been updated to a supported version of a supported browser.
See the supported browsers links mentioned above.
MC517337 — Restricting Personal Accounts on Android in Microsoft To Do
|
|
|
|
|
<30 Days |
|
|
We are introducing the new capability to allow organization-only accounts in Microsoft To Do.
When this will happen:
We will begin rolling out in mid-February and expect to complete rollout by early March.
How this will affect your organization:
To Do Android now offers enhanced security features to ensure the protection of your personal and work information. With the growing popularity of multi-account support in Android, users can add their personal and work accounts to their device, which can lead to data transfer between the two accounts and compromise security. To address this issue, we have implemented the control at the admin level to allow org only accounts.
What you need to do to prepare:
Admins will need to add a list of allowed accounts to use this feature. For more information regarding this, please visit this documentation.
MC517336 — Microsoft Visio Viewer on iOS Retirement
|
|
|
|
|
|
|
>60 Days |
Microsoft Visio Viewer app on iOS will be retired and removed from the App Store on August 14th, 2023, and will no longer work on iPhones and iPads.
When this will happen:
August 14, 2023
How this affects your organization:
Once the Visio Viewer iOS app is discontinued, users will no longer be able to download the app from the iOS app store.
As a substitute, users can view their drawing in Visio for the web. Just save a file in OneDrive or SharePoint to be able to open it in the web app.
What you can do to prepare:
You may consider updating your training and documentation as appropriate.
Transitioning from the Visio Viewer app on iOS to Visio for the web is easy. To learn more about which browsers work with Visio for the web, or how to view and comment on diagrams created with a Visio Plan 1 or Visio Plan 2 subscription, visit Visio for the web FAQ.
MC516903 — Microsoft 365 admin center: New Visio Usage Reports
|
|
|
|
|
<30 Days |
|
|
Microsoft 365 Roadmap ID 88834
A new product usage report will be made available within Microsoft 365 admin center usage reports to help Admins understand how Microsoft Visio is used within their organization by daily active users and active users by platform.
The report can be viewed for trends over the last 7/30/90/180 days, includes a per-user view, and contains the user’s last active date and license information.
When this will happen:
Standard release. We will begin rolling out in mid-March and expect rollout to be complete by late April.
How this will affect your organization:
Admins with the correct permissions will soon have access to new usage activity reports within Microsoft admin center products for Microsoft Visio.
What you need to do to prepare:
To access the new reports, go to Reports -> Usage -> Visio.
For more information regarding these reports, please review the following documentation.
MC516350 — Microsoft 365 admin center Usage Reports: Graph API Sets for Activations and Active Users Rolling Out to GCCH/DoD
|
|
|
|
|
Rolled Out |
|
|
|
Microsoft 365 Roadmap 115483 and 115486
We are releasing Graph API sets to Microsoft 365 admin center usage reports for Activations and Active Users reports.
When this will happen:
Standard Release: We will begin rolling out mid-February and complete rollout by late February.
How this will affect your organization:
GCCH/DoD admins will now have access to Graph API sets for Activations and Active users reports within Microsoft 365 Admin Center usage reports.
What you need to do to prepare:
Leverage the Graph APIs in Activation and Active User reports in the Microsoft Admin Center by selecting Reports on the left-hand navigation -> Usage-> scroll to specific report:
Update Activations Graph APIs:
· GET /reports/getOffice365ActivationsUserDetail
· GET /reports/getOffice365ActivationCounts
· GET /reports/getOffice365ActivationsUserCounts
Update Active Users APIs:
· GET /reports/getOffice365ActiveUserDetail
(period='{period_value}')
· GET /reports/getOffice365ActiveUserDetail
(date={date_value})
· GET /reports/getOffice365ActiveUserCounts
(period='{period_value}')
· GET /reports/getOffice365ServicesUserCounts
(period='{period_value}')
To learn more, please visit the following pages:
· Microsoft 365 Activations Reports
· Microsoft 365 Active Users Reports
MC515534 — Admin Center Graph Connectors' Limits Increased to 30 Connections
|
|
|
|
|
Rolled Out |
|
|
|
This update will allow admins to increase the limit of 'connections' that can be created under the "Data sources" tab in the "Search & intelligence" section of the admin center. You can create up to 30 connections to configure graph connectors for your enterprise search needs. Your item count limits remain as per your quota or 50m items in total. Per connection item limits remain same at 5m items per connection.
When this will happen:
We will begin rolling out in mid-February and expect to complete rollout by late February.
How this will affect your organization:
Your users will be able to search across a larger number of data sources in workplace search.
What you need to do to prepare:
There is nothing you need to do to prepare for this at this time. You may utilize the increased connection limit as per your needs. Please reach out to us if you need additional connections.
MC515530 — New Sensitivity Labeling Bar in Microsoft 365 Apps for Enterprise
|
|
|
|
|
<30 Days |
|
|
Microsoft 365 Roadmap ID 88517
For organizations who rely on sensitivity labels from Microsoft Purview to protect their documents, a new feature is rolling out that makes it easier for end users to see or change sensitivity labels for files and emails in Word, Excel, PowerPoint, and Outlook on PC.
The new sensitivity bar is conveniently located in your document’s name or your email’s subject line, making it easier to stay aware of your content’s sensitivity. This bar provides an at-a-glance, familiar, and actionable indicator of the content’s sensitivity label.
When this will happen:
Preview (Word, Excel, PowerPoint): Already available in Current Channel Preview.
Preview (Outlook): We will begin rolling out in mid-February.
Standard Release (Word, Excel, PowerPoint, Outlook): We will begin rolling out in mid-March and expect to complete rollout by late March.
How this will affect your organization:
End users will see the new sensitivity bar added in their apps, using the same sensitivity labels and policies already defined for the user. If sensitivity labels are configured with a label color, this will be shown alongside the label name.
What you need to do to prepare:
The sensitivity bar will be enabled automatically for all users who have sensitivity labels published to them. Admins can configure an advanced label policy setting "HideBarByDefault" to minimize the amount of space used by the sensitivity bar. Please refer to the blog for screenshots and user scenarios.
MC515177 — REMINDER: IE11 desktop application permanent disablement scheduled for February 14, 2023
|
|
|
|
|
Rolled Out |
|
|
|
The out-of-support Internet Explorer 11 (IE11) desktop application is scheduled to be permanently disabled on certain versions of Windows 10 devices February 14, 2023, through a Microsoft Edge update. All remaining devices that have not already been redirected from IE11 to Microsoft Edge will be redirected with the Microsoft Edge update. Note, this update will be rolled out over the span of a few days up to a week, as is standard for Microsoft Edge updates (learn more). Redirection from IE11 to Microsoft Edge will be included in all future Microsoft Edge updates and will impact all devices within your organization with no ability for users to reverse the change. Therefore, if your organization still has dependencies on IE11, you must take steps now to complete your transition today, or risk business disruption at scale when users lose access to IE11-dependent applications. As a reminder, IE11 has been out of support since June 15, 2022.
Users will see a dialogue box when they are transitioned to Microsoft Edge. When they try to click any IE11 icons or other entry points, they will be redirected to Microsoft Edge. Users’ browsing data will be automatically brought over to Microsoft Edge from IE11 so they can seamlessly continue browsing.
IE11 visual references, such as the IE11 icons on the Start Menu and taskbar, will be removed by the June 2023 Windows security update (“B” release) scheduled for June 13, 2023. They will also be removed by the non-security preview “C” release on certain Windows 10 versions scheduled for May 23, 2023.
When this will happen:
· All in-scope devices will be permanently redirected from IE11 to Microsoft Edge through a Microsoft Edge update scheduled for today, February 14, 2023. This update will be rolled out over the span of a few days up to a week, as is standard for Microsoft Edge updates (learn more).
· The Windows update that removes visual references to IE11 is scheduled to be available in the following releases:
· May non-security preview (“C”) release scheduled for May 23, 2023
· June security (“B”) release scheduled for June 13, 2023
· Removal of IE11 visual references will be included in all subsequent Windows updates after the May non-security preview release.
How this will affect your organization:
· Organizations that have already transitioned from IE11 to Microsoft Edge with IE mode will not be impacted when the IE11 desktop application is scheduled to be permanently disabled today.
· Organizations that have not transitioned from IE11 to Microsoft Edge with IE mode may face business disruption at scale when the out-of-support IE11 desktop application is permanently disabled, currently scheduled for today. Should you experience any technical issues, please open a support ticket.
· When a user tries to open IE11 after receiving the Microsoft Edge update, they will see a dialogue box informing them that they are being redirected to Microsoft Edge. Clicking "Continue" will launch Microsoft Edge. This is an example of a message a user might see:
What you need to do to prepare:
If you have not already done so, complete your transition from IE11 to Microsoft Edge with IE mode as soon as possible. If you do experience any issues accessing an IE-based site after IE11 permanent disablement, you can add the missed site to your IE mode list to quickly fix the issue. If the issue persists, open a support ticket.
The majority of customers have already moved to Microsoft Edge and are experiencing the performance and productivity benefits of a faster, more secure, and more modern web experience than Internet Explorer (learn more). Microsoft Edge is the only browser with built-in compatibility for legacy IE-based sites and apps with IE mode.
Additional Information
· Read the FAQ to help answer your questions.
We always value feedback from our customers.
MC514084 — Microsoft 365 admin center: Windows 365 cloud PC advanced deployment guide
|
|
|
|
|
<30 Days |
|
|
Microsoft 365 Roadmap ID 102406
The Advanced deployment guides & assistance page in the Microsoft 365 admin center and the setup.microsoft.com website will have a new guide to help admins plan, deploy, and scale Windows 365 Enterprise in their organization. Windows 365 is a cloud-based service that provisions and hosts Cloud PCs as virtual machines for users. The guide includes a checklist with Cloud PC configuration tasks, best practices, tools, and recommendations based on a tenant's configuration.
When this will happen:
This guide will be available March 2023. It can be found on the Advanced deployment guides & assistance page, and shortly after, on setup.microsoft.com.
How this will affect your organization:
Admins will use the Windows 365 Cloud PC advanced deployment guide for recommendations on how to make key decisions and identify prerequisites and tasks needed to deploy Cloud PCs in accordance with their org’s requirements. The guide is organized by IT area (Azure, networking, identity, management, security, and applications) to help admins work with multiple groups and staff members. Admins can track the status of each task within the guide and share tasks with others via email.
What you need to do to prepare:
You don’t need to do anything to prepare for this change.
MC513601 — Stream live events replacement service
|
|
|
|
|
|
|
>60 Days |
This is an important message for customers who use Stream (Classic) or Yammer to create and host Stream live events. Microsoft will retire the Stream live events service on September 15, 2023. Microsoft Teams live events, with encoder support, will become your new platform to host and run live events.
For several years Microsoft has offered two venues for hosting live events -- Stream and Teams. While both services allow you to create live events, each had a slightly different set of capabilities and limitations. Our goal is to provide you with a single, simple, robust solution for hosting live events.
Teams live events with encoder support is the replacement service to Stream live events. Teams live events is now rolling out the general availability of encoder support (see Roadmap ID 84960), which will allow you to create, host and produce live events with the same functionality that you get with Stream. Teams live events will support 10,000 simultaneous event attendees and Real-Time Messaging Protocol input (RTMP-In). RTMP-in lets you create highly polished events that feature combined live streams, screen overlays, on-screen data and more.
Users will also get two other benefits from using Teams live events:
1. The option to allow public anonymous attendees to attend Teams encoder live events.
2. Enhanced playback of recorded events with the option to add closed captions, transcripts, chapters, and comments.
If you use Yammer to create and host live events you will be able to continue using Stream Live Events in Yammer until September 15, 2023. Additionally, you’ll soon be able to select Teams within Yammer to run your event.
When this will happen:
· Teams live events with encoder support began its general availability roll out on February 1, 2023, and we expect the rollout to complete by February 15, 2023.
· The Stream live events service will be retired on September 15, 2023.
How this will affect your organization:
We recommend that you begin using the Teams live events to schedule and host live events.
If your organization has Stream live events scheduled beyond September 15, 2023, please reschedule those events. Any Stream live events scheduled after September 15, 2023 will be automatically removed.
For more information see the links below:
· Stream live events replacement service FAQs
· How to set up a Teams live event
· How to produce a Teams live event
· Teams live events capabilities and limitations
MC512918 — Microsoft Edge to replace built-in PDF engine with Adobe Acrobat PDF engine
|
|
|
|
|
|
|
|
>365 Days Phased |
As part of the Adobe and Microsoft collaboration to re-envision the future workplace and digital experiences, we are natively embedding the Adobe Acrobat PDF engine into the Microsoft Edge built-in PDF reader. With the use of the Adobe Acrobat PDF engine, users will have a unique PDF experience that includes higher fidelity for more accurate colors and graphics, improved performance, strong security for PDF handling, and greater accessibility – including better text selection and read-aloud narration. There will be no loss of functionality with the use of the Adobe Acrobat PDF engine and these capabilities will continue to be free of cost. Organizations with Microsoft 365 E5 subscriptions can also view and validate certificate-based signatures and view PDF files protected through Microsoft Information Protection (MIP) at no extra cost.
Organizations with an existing Adobe Acrobat subscription can use the no-cost extension inside Microsoft Edge to unlock their subscription features—such as the ability to edit text and images, convert PDFs to other file formats, and combine files. Those who do not have an Adobe Acrobat subscription can purchase a license that enables access to these advanced features inside Microsoft Edge via an extension. There is no requirement to purchase an Adobe Acrobat subscription to use the Microsoft Edge built-in PDF free capabilities.
When this will happen:
Starting in March 2023, organizations can opt-in to use the Adobe Acrobat PDF engine in the Microsoft Edge built-in PDF reader via Intune policy. The policy will be available as soon as the Adobe Acrobat PDF engine is available. After opting-in, organizations have the option to opt-out of this experience via the same Intune policy.
To meet the needs of organizations with managed devices, the transition to the built-in Microsoft Edge PDF reader with the Adobe Acrobat PDF engine will occur in phases:
· March 2023: Unmanaged device rollout will begin in March 2023. Managed devices can opt-in using policy via Intune.
· September 2023: Rollout to organizations will begin no earlier than September 2023. Organizations with managed devices may opt out of this experience via Intune policy.
· March 31st, 2024: The legacy PDF engine in the Microsoft Edge PDF reader is scheduled to be removed (and opt-out no longer available) on March 31st, 2024.
How this will affect your organization:
As rollout begins in March 2023, there will be no changes to managed devices in organizations unless they choose to opt in. With opt-in, the built-in Microsoft Edge PDF solution with the Adobe Acrobat PDF engine will have full feature parity with the legacy Microsoft Edge PDF solution. No functionality will be lost. Users will also gain higher fidelity for more accurate colors and graphics, improved performance, strong security for PDF handling, and greater accessibility – including better text selection and read-aloud narration. Users will see an unobtrusive Adobe brand mark in the bottom corner of their PDF view. These users will also see an option to try the advanced features, such as converting PDFs, combining files, editing text and images. Users can sign in with their existing Adobe Acrobat subscription or can select the option to purchase an Adobe Acrobat subscription and download the Adobe Acrobat extension to use those features in Microsoft Edge.
What you need to do to prepare:
To prepare, we recommend selecting users to test the addition of the Adobe Acrobat PDF engine into Microsoft Edge on the stable release in March 2023. For managed devices, admins in commercial organizations will need to enable the “NewPDFReaderOptInEnabled” policy in order to test the Adobe Acrobat PDF engine.
To hide the notification to try the paid Adobe Acrobat features, admins will need to enable the “GetAcrobatSubscriptionButtonEnabled” policy.
Starting no earlier than September 1, 2023, the rollout to organizations will begin. For organizations wanting to opt out of this experience, admins will need to enable the “NewPDFReaderOptOutEnabled” policy. Organizations can opt-out until the legacy Microsoft Edge PDF engine is removed, which is scheduled for March 31st, 2024.
Additional information:
· Read about the Microsoft and Adobe partnership here
· Read about the Microsoft Edge and Adobe Acrobat PDF announcement here
· Read about the joint approach by Microsoft and Adobe engineering teams to secure the PDF experience here
We always value feedback and questions from our customers. Feel free to submit either feedback or questions via Message Center.
MC478686 — (Updated) Whiteboard application for Windows and Surface Hub - (GCC-High)
|
|
|
|
|
Rolled Out |
|
|
|
Microsoft 365 Roadmap ID 85624
Updated February 9, 2022: We have released a new version of the Whiteboard application for Windows and Surface Hub. You should follow the process you used to deploy Whiteboard to also send the update out to your users. This version no longer requires manual updates.
Going forward, if your tenant has auto-updates enabled in its admin policies, the Whiteboard application will automatically update whenever new versions become available. However, if you have auto-updates disabled, you will need to continue to use the AppCenter link below to get the newest version periodically and manually push to your tenant with each update.
The Whiteboard application for Windows and Surface Hub is now available for your tenant.
When this will happen:
This functionality is now available.
How this will affect your organization:
In addition to Whiteboard on the web and in Teams desktop, the Whiteboard application for Windows and Surface Hub can now be made available to your users.
Note: Whiteboard will not appear in the app picker at this time and will be added in the future. Please access Whiteboard directly via the direct GCCH Whiteboard URL https://whiteboard.office365.us, or the entry points listed above.
What you need to do to prepare:
We are providing an environment-specific version of Whiteboard for Windows and Surface Hub for your tenant, which means you should not use the version in the Microsoft Store.
How to install and update Whiteboard for your environment:
· Uninstall any prior versions of Whiteboard on the device using an endpoint manager, such as Intune (Apps for GCC High and DoD environments - Microsoft Intune | Microsoft Learn).
· Download the application (.appxbundle) from App Center at https://go.microsoft.com/fwlink/?linkid=2216206.
· Deploy the package through an endpoint manager onto your users’ devices. Ensure that the application is not set to automatic updates, they should be updated only through controlled distribution via your endpoint manager.
When you get an MC post update informing you of a newer version, you will follow the steps to download and deploy the package, but you don’t need to uninstall the version.
In the future, we'll bring an automatic update solution so that the app only needs to be deployed utilizing the above instruction the first time.
The process is the same for Windows and Surface Hub devices.
MC477010 — (Updated) Basic auth retirement for Office 365 Reporting Web Service
|
|
|
|
|
<30 Days |
|
|
Updated February 6, 2023: We have updated the timeline below. Thank you for your patience.
We originally communicated this change in MC318316 (January 2022). We have updated the timeline for this change and are now ready to proceed.
Currently, users accessing Reporting Web service use “Basic Authentication” and must provide their credentials. With this feature update, Microsoft will improve the security of your tenant by replacing “Basic Authentication” access in favor of the recommended OAuth user interface which is where we will continue to invest our development resources.
Key points
· Timing: Rollout will begin in late January and is expected to be complete by mid-March (previously late February).
How this will affect your organization:
No immediate action required. Users could start migrating their programmatic access to Office 365 Reporting Web Service from "Basic Authentication" to "OAuth".
What you need to do to prepare:
You might want to notify your users about this change and update your training and documentation as appropriate.
Learn more:
MC476026 — (Updated) Visio Services discontinuation starting 10th Feb 2023
|
|
|
|
|
Rolled Out |
|
|
|
Updated February 23, 2023: We have updated the rollout timeline below. Thank you for your patience.
Beginning 24th February 2023, Visio Web Access (Visio Service) and its Web Part for SharePoint Online will no longer be available. Instead of Visio Web Access you will be able to use Visio Web to migrate your organization’s web parts to a newer experience with the new Javascript (JS) APIs for Visio Web. Visio Web enables high fidelity viewing, sharing, and collaboration in your favorite browser, without installing the client for all Office 365 licenses. It also supports embedding Visio diagrams in SharePoint Online using a modern file viewer part and with IFrame along with JS API programmability.
How does this affect me?
Beginning February 24th, users in your organization will not be able to switch to Visio services and will not be able to use their Visio Services embedded web parts. As an alternative, Visio Web viewing is available to most Office 365 subscriptions.
What do I need to do to prepare for this change?
Instead of using Visio Web Access (Visio Service) and its Web Part for SharePoint Online, we recommend using either:
· Visio Web and the File viewer Web part (link: Use the File viewer web part)
· iFrame in SharePoint Online for Visio Web Part (iFrame with new Visio Web APIs instead of Visio Web Part with Visio Services JS APIs). (link: Visio package)
Learn more link: Updates to Visio Web Access (also called "Visio Services")
MC343441 — (Updated) Office App: Idle Session Timeout for Microsoft 365 Web Apps - Worldwide Cloud
|
|
|
|
|
TBD |
|
|
|
|
Microsoft 365 Roadmap ID 55183
Updated February 7, 2023: We have updated the content to show as intended. Thank you for your patience.
Today's release of Idle session timeout will allow IT admins to configure a tenant-wide timeout policy to automatically sign out users after a period of inactivity on Microsoft 365 web apps. This will help protect sensitive company data from unauthorized access while providing peace of mind for end users while working on unmanaged and/or shared devices. This feature is an improvement over, and will eventually replace, current app-specific idle timeout settings in Outlook Web App (OWA) and SharePoint Online (SPO).
When this will happen:
Preview: Began rolling out today and is expected to be complete in late March. - Complete
Standard: We will begin rolling this out in late June and expect to complete rollout late August '22. - Complete.
GCC/GCC-High/DoD: We will roll out in the first half of 2023 and will provide a new Message center post when we are ready to proceed.
How this will affect your organization:
With this update, admins will have the ability to control how long a user can remain inactive on a Microsoft 365 web app before they get signed out automatically. By default, Idle session timeout feature is turned off for an organization. You can opt in via UX in Microsoft 365 Admin Center using the steps described here.
Once this feature is turned on for your organization, users who access Microsoft 365 web apps from an unmanaged device and do not select 'Stay signed in?' option at the time of sign-in might start seeing more sign-in prompts. Other users will not get impacted by this change.
What you need to do to prepare:
As you try out the Idle session timeout feature, you might want to notify your users about this change and update your training and documentation as appropriate.
Note: If you have already configured idle timeout policies for OWA and SPO, then turning on the new Idle session timeout feature will override existing OWA/SPO timeout behavior.
· Please note that we are not yet retiring the existing functionalities in OWA and SPO. But in order to better prepare your organization for this change, we recommend you trying out the new feature now and migrate to it once it becomes generally available.
Learn more:
· Manage idle session timeout web apps
We always value feedback and questions from our customers. Please feel free to submit either feedback or questions here.
Microsoft 365 IP and URL Endpoint Updates |
Documentation - Office 365 IP Address and URL web service
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.