Microsoft Roadmap, messagecenter en blogs updates van 07-09-2024

Updated September 5, 2024: We have updated the rollout timeline below. Thank you for your patience.

Introducing two new Data Loss Prevention (DLP) Microsoft Exchange support predicates for DLP Policy tips and Oversharing popups features for Microsoft 365 E5 Compliance users: Message contains and Attachment contains. Unlike the broader Content contains DLP predicate that evaluated the entire email envelope, these new predicates are tailored for client-side evaluation of specific email components only (email body or attachments) and show DLP Policy tips and Oversharing popups accordingly in Microsoft Outlook Win32.

This message is associated with Microsoft 365 Roadmap ID 376999

[When this will happen:]

Public Preview: We will begin rolling out mid-April 2024 and expect to complete by late May 2024.

Standard Release: We will begin rolling out mid-September 2024 and expect to complete by January 2025.

[How this will affect your organization:]

You can now create new DLP Policies or edit existing policies to include Policy tip and Oversharing popup features support for these new focused Message contains and Attachment contains predicates.

For more information, the following resources are available:

• Create and deploy a data loss prevention policy | Microsoft Learn
• Data loss prevention policy tip reference for Outlook for Microsoft 365 | Microsoft Learn
• Get started with oversharing pop ups | Microsoft Learn

[What you need to do to prepare:]

This rollout will happen automatically by the specified date with no admin action required.

Updated September 5, 2024: We have updated the rollout timeline below. Thank you for your patience.

Coming soon, Microsoft Purview Insider Risk Management will be rolling out public preview of granular trigger throttling limits.

This message is associated with Microsoft 365 Roadmap ID 382130.

[When this will happen:]

Public Preview: We will begin rolling out late October 2024 (previously late May) and expect to complete by late January 2024 (previously late October).

General Availability: We will begin rolling out late January 2024 (previously late December) and expect to complete by late January 2024.

[How this will affect your organization:]

With this update, we are introducing more granular trigger throttling limits to isolate the impact of a surge in noisy trigger volumes and prevent other policies from being affected. This ensures that organizations can receive critical alerts without being throttled by these limits. By default, these throttling limits will be applied:

• All sensitive triggers, including HR signals, Azure AD leavers, and custom triggers, will be limited to 15,000 per day per trigger.
• All other triggers will be limited to 5,000 per day per trigger.

Additionally, the policy health warning messages will be enhanced to assist admins with appropriate permissions in effectively identifying and addressing noisy triggers.

[What you need to do to prepare:]

No action is needed from you to prepare for this rollout. You may want to notify your admins about this change and update any relevant documentation as appropriate.

Microsoft Purview Insider Risk Management correlates various signals to identify potential malicious or inadvertent insider risks, such as IP theft, data leakage, and security violations. Insider Risk Management enables customers to create policies based on their own internal policies, governance, and organizational requirements. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to help ensure user-level privacy.

You can access the Insider Risk Management solution in the Microsoft Purview compliance portal.

Learn more: Insider risk management | Microsoft Learn

Updated September 4, 2024: We have updated the rollout timeline below. Thank you for your patience.

In Microsoft Purview, audit search provides your organization with access to critical audit log event data, allowing you to gain insight and further investigate user activities. The Microsoft Purview Compliance portal’s audit search UI currently includes several search fields (i.e., date range, activities, workloads, users, etc.) to facilitate the retrieval of relevant logs. With a recent update, we have added four additional fields to the audit search UI.

These four fields are described below:

This message is associated with Microsoft 365 Roadmap ID 384092.

[When this will happen:]

Public Preview: We will begin rolling out early November 2024 (previously mid-August) and expect to complete by mid-November 2024 (previously mid-September).

General Availability (Worldwide): We will begin rolling out mid-November 2024 (previously mid-September) and expect to complete by late November 2024 (previously mid-October).

[How this will affect your organization:]

Security admins in your organization who use audit in the Microsoft Purview compliance portal will be able to use these four additional fields to retrieve relevant audit logs.

[What you need to do to prepare:]

This rollout will happen automatically by the specified date with no admin action required before the rollout. You may want to notify your users about this change and update any relevant documentation as appropriate.

Additional resources

• Search the audit log | Microsoft Learn

Updated September 6, 2024: We have updated the rollout timeline below. Thank you for your patience.

Currently, when you share a link with view-only permissions in Microsoft 365 apps, clicking on Copy link defaults to an “Only people with existing access” link that does not always target your intended people.

With this new feature, when you share a link with view-only permissions with other people, those people will now be able to copy that same link directly from the Share dialog when they attempt to share. If your only option to share with others is Only people with existing access, you will be able to send a request to the owner to share this file with specific people directly in the sharing control. The owner of the file will then receive a request and will be able to approve or reject the request.

[When this will happen:]

Targeted Release: We will begin rolling out mid-September (previously mid-August) 2024 and expect to complete by late September (previously late August) 2024. 

General Availability (Worldwide, GCC, GCC High, and DoD): We will begin rolling out mid-September (previously mid-August) 2024 and expect to complete by late September (previously late August) 2024.   

[How this will affect your organization:]

With this new feature, anyone who accesses a Microsoft 365 apps file with view-only permissions will see this new experience. 

Learn more: Sharing files, folders, and list items – Microsoft Support (content within will be updated before rollout begins).

[What you need to do to prepare:]

This rollout will happen automatically by the specified dates with no admin action required. You may want to notify your users about this change and update any relevant documentation as appropriate.

Updated September 5, 2024: We have updated the rollout timeline below. Thank you for your patience.

A modernized user experience (UX) for Microsoft Purview eDiscovery will be available in the Purview portal. In this new UX experience, Content Search, eDiscovery Standard, and eDiscovery Premium are unified so that users can now navigate a shared workflow that simplifies the transition between non-premium and premium features. This UX modernization also introduces features that enhance the eDiscovery process. Some of these new features include:

• Enhanced search efficiency with message ID and sensitivity labels for faster access to information.
• Use of the improved search by Sensitive Information Type (SIT) interface for user-friendly selection without manual input.
• Advanced Data Source Mapping allows linking a user’s OneDrive using input such as the user’s mailbox Simple Mail Transfer Protocol (SMTP) address or user’s name, streamlining data retrieval and management.
• Acceleration through powerful investigation capabilities, such as user’s frequent collaborators, providing a comprehensive view of the user’s networks.
• Stay updated with the new Data Source synchronization feature, which allows users to easily track any new or removed data locations, ensuring that eDiscovery investigations remain aligned with the latest data source landscape.
• The new visual Statistics feature allows users to gain insights at a glance, such as Results containing Sensitive Information Types, top communication participants, and so on.
• Monitor long-running processes with an informed and transparent progress bar with the option to cancel (for certain process types) if needed.
• Obtain a full process report for all actions taken, such as statistics for holds and exports, bolstering the defensibility of your eDiscovery efforts.
• Customize your exports with new settings, including the option to export as a single PST file path truncation and the use of friendly names to make exported data more accessible.

This message is associated with Microsoft 365 Roadmap ID 383744

[When this will happen:]

Public Preview: We will begin rolling out late July 2024 and expect to complete by early August 2024.

General Availability (Worldwide, GCC, GCC High, DoD): We will begin rolling out mid-November 2024 (previously early October) and expect to complete by late December 2024 (previously late November)

[How this will affect your organization:]

The unification of Content Search, eDiscovery Standard, and eDiscovery Premium into a single eDiscovery solution in the new Microsoft Purview portal will necessitate updates to your organization’s training materials and documentation.

Content Search, eDiscovery Standard, and eDiscovery Premium as separate solutions in the compliance portal (left) vs unified eDiscovery experience in the new Purview portal (right)

The current compliance portal eDiscovery Standard, Premium, and Content search experience will be deprecated as part of the portal deprecation by the end of 2024.

[What you need to do to prepare:]

Update internal documentation and provide training to all eDiscovery users in your organization.

Learn more about the new Purview Portal.

Updated September 5, 2024: We have updated the rollout timeline below. Thank you for your patience.

In new Outlook for Windows, users will be able to open attachments of all types in their preferred desktop apps by double-clicking on them.

This message is associated with Microsoft 365 Roadmap ID 401123.

[When this will happen:]

General Availability (Worldwide): We will begin rolling out early September 2024 (previously late August) and expect to complete by early October 2024 (previously late September).

General Availability (GCC): We will begin rolling out early October (previously late September) 2024 and expect to complete by late October 2024 (previously mid-October).

[How this will affect your organization:]

This feature is designed to streamline the process of opening attachments in desktop apps by reducing the number of steps, making it more efficient in your daily workflow.

What’s new

Previously, double-clicking on an attachment in new Outlook for Windows would open a preview of the file within Outlook. This meant that if users wanted to open the file in a desktop app, they would first have to save the file locally.

Now, when a user double-clicks on an attachment, the file will open in the desktop app specified as the default app to open that file type in the user’s operating system, just like in Outlook Desktop and Windows Mail apps. Single-clicking on an attachment will continue to open a preview of the file within Outlook.

It’s important to note that, for security reasons, users will see a confirmation dialog every time they open an attachment of a certain file type unless they choose to dismiss it permanently. To do so, they must uncheck the “Always ask before opening this type of file” checkbox for each file type (.pdf, .docx, .xlsx, jpeg, etc.).

This feature is available by default.

[What you need to do to prepare:]

This rollout will happen automatically with no admin action required. You may want to notify your users about this change and update any relevant documentation as appropriate.

This was originally announced in MC837081 (July ’24). The original message was incorrectly removed so we are providing this follow up message with the original content as a reminder. We apologize for any inconvenience this may have caused.

—-Original message content—-

We will be retiring the Send password in email feature from Microsoft 365 admin center starting August 30, 2024. Instead, we recommend using the new Print option in the Microsoft admin center to save the user account details and share them in a secure manner with your users.

Admins will no longer be able to receive usernames and passwords in email after this change is implemented.

This change will happen automatically by the specified date. No admin action is required.

Learn more: Reset passwords – Microsoft 365 admin | Microsoft Learn

Coming soon for Microsoft Viva Amplify: Authors editing sections in the Amplify main draft or the Amplify distribution channel for Microsoft SharePoint can now use Design ideas to rearrange and reformat their image, text sections, and the banner webpart. The selected designs for these sections are displayed in Outlook and Teams according to the channel specific render capabilities.

This message is associated with Microsoft 365 Roadmap ID 412943.

[When this will happen:]

Targeted Release: We will begin rolling out early September 2024 and expect to complete by mid-September 2024.

General Availability (Worldwide): We will begin rolling out mid-September 2024 and expect to complete by late September 2024.

[How this will affect your organization:]

Before this rollout: Users don’t see design ideas in Viva Amplify.

After this rollout

Authors editing a section in the Amplify main draft or the Amplify distribution channel for SharePoint will see an icon for Design ideas in the content pane selection. For sections containing the webparts listed later in this message, a red dot will appear in the Design ideas content pane pivot (on the right of the screen) to let you know it has ideas available. Select this pivot to open the Design ideas pane.

Figure 1: The Viva Amplify main draft showing the Design ideas content pane pivot with the red dot (on the right of the screen).

The Design ideas pane contains suggestions for new layouts, backgrounds, text formatting, and image webparts to enhance the section selected. The author can click on the suggestions to try and apply different ideas.

Figure 2: The Amplify main draft showing Design ideas for a section containing 2 text webparts:

The selected ideas on main draft or the SharePoint distribution channel are visible for the published SharePoint page. The distribution channels for Outlook and Teams will adopt the design within the limits of the render capabilities of the channels. These designs can be previewed and customized specific to the channels.

After this first release, Design ideas will only be available for sections containing one or more of these:

• 1 banner webpart
• 1, 2, and 3 text webparts
• 1, 2 and 3 text and image webparts
• 1 blank text webpart

These new Viva Amplify features will be on by default and accessible to all users with Authoring permissions.

[What you need to do to prepare:]

This rollout will happen automatically by the specified date with no admin action required before the rollout. You might want to notify users, update your user training, and prepare your help desk.

Before rollout, we will update this post with revised documentation.

CLONE FOR GALLATIN/USSec/USNat

Updated September 6, 2024: We have added an image below. Thank you for your patience.

We’re making some changes to the handling of ActiveX objects in the Microsoft Office client apps.

Starting in new Office 2024, the default configuration setting for ActiveX objects will change from Prompt me before enabling all controls with minimal restrictions to Disable all controls without notification. This change applies to the Win32 desktop versions of Word, Excel, PowerPoint, and Visio.

[When this will happen:] 

For new Office 2024, this change will happen immediately when it’s released in October 2024.

For Microsoft 365 apps, this change will rollout in stages beginning in April 2025.

[How this will affect your organization:]

Users will no longer be able to create or interact with ActiveX objects in Office documents when this change is implemented. Some existing ActiveX objects will still be visible as a static image, but it will not be possible to interact with them. In non-commercial SKUs of Office, users will see this notification when an ActiveX object is blocked by the new default behavior:

The new default setting is equivalent to the existing DisableAllActiveX group policy setting.

[What you need to do to prepare:]

When this change takes effect, if you need to use ActiveX controls in Office documents, you can change back to the previous default behavior using any one of the following methods:

• In the Trust Center Settings dialog, under ActiveX Settings, select the Prompt me before enabling all controls with minimal restrictions option.
• In the registry, set HKEY_CURRENT_USER\Software\Microsoft\Office\Common\Security\DisableAllActiveX to 0 (REG_DWORD).
• Set the Disable All ActiveX group policy setting to 0.

We will enable continuous access evaluation (CAE) of tokens in the Microsoft 365 admin center in September 2024. This feature will proactively terminate active user or admin sessions, or require reauthentication, and enforce tenant policy changes in near real time instead of waiting for an access token to expire.

[When this will happen:]

General Availability (Worldwide): We will begin rolling out mid-September 2024 and expect to complete by late September 2024.

[How this will affect your organization:]

CAE is the feature that allows user or admin sessions to be revoked when certain critical events occur, or the location of the user or admin is not in the allowed IP address range. The access will be terminated almost instantly, instead of waiting for a token to expire.

OAuth 2.0 authentication (open authentication) traditionally relies on access token expiration to revoke a user’s access to modern cloud services. Users or admins whose access rights have been terminated still have access to resources until the access token expires. For the Microsoft 365 admin center, this access can be as long as an hour, by default. With continuous access evaluation, a user’s critical events and network location changes are continuously evaluated.

Enabling CAE offers several key benefits:

• Mitigate insider and data exfiltration threats: An employee can export a valid access token and replay it to gain access to admin center from outside of your organization. With continuous access evaluation, you can enforce IP location policies and monitor user-critical events in near real time to mitigate the risk of external access and exfiltration of data.
• Prevent unauthorized access: When a user account password is compromised, the Microsoft Entra administrator can reset it or disable the account in near real time to prevent unauthorized access to admin center.
• Remove user access in near real time: Organizations have an obligation to instantly remove an admin or user’s access because of security threats, termination of employment, policy violations, or legal requirements. With continuous access evaluation, the Microsoft Entra administrator can instantly disable admin or user accounts and revoke access to organization resources in near real time.

[What you need to do to prepare:]

This rollout will happen automatically by the specified date with no admin action required before the rollout. You may want to notify your admins about this change and update any relevant documentation.

Learn more: Continuous access evaluation in Microsoft Entra – Microsoft Entra ID | Microsoft Learn

CAE will be supported in Microsoft 365 admin center. To take advantage of CAE’s IP location conditional access (CA) policy enforcement, you should set up Continuous access evaluation strict location enforcement in Microsoft Entra ID – Microsoft Entra ID | Microsoft Learn

Introducing new advanced trainable classifiers in Microsoft Purview Communication Compliance to detect potential workplace safety violations such as hateful or violent content and to assign severity scores to unsafe text across over 100 languages. These classifiers are built using large language models for enhanced detection.

This message is associated with Microsoft 365 Roadmap ID 146859.

[When this will happen:]

General Availability (Worldwide): We began rolling out late August 2024 and expect to complete by early September 2024.

[How this will affect your organization:]

Microsoft Purview Communication Compliance provides tools to help organizations detect business conduct and regulatory compliance violations (e.g. SEC or FINRA), such as sensitive or confidential information, harassing or threatening language, and sharing of adult content. Built with privacy by design, usernames are pseudonymized by default, role-based access controls are built in, investigators are opted in by an admin, and audit logs are in place to help ensure user-level privacy.

These new classifiers are configured by default in the ‘Detect Inappropriate Content’ template policy and can be selected in the trainable classifier menu when creating a custom policy.  

[What you need to do to prepare:]

This rollout will happen automatically with no admin action required. You may want to notify your users about this change and update any relevant documentation as appropriate.

You can access the Communication Compliance solution in the Microsoft Purview compliance portal.

Learn more: Learn about Communication Compliance.

Updated September 6, 2024: Thank you for your feedback. We are going to provide a new Message center post shortly with more details to help you understand and act on this change. We apologize for the inconvenience, and you can safely disregard this message.

We’re making some changes to allowed size and count of values for various Exchange properties, here are the definition of the limits:

• Max length: Size of each value
• Max Count: Total count of values

[When this will happen:]

Changes will be applied in two phases between late September 2024 and late November 2024

[How this affects your organization:]

When this change takes effect, you will not be able to exceed the allowed limits

Starting late September 2024, we’re adding the following limits to these properties: 

Phase1: 

Starting late November 2024, we’ll be adding limits to the following properties:

Phase 2: 

[What you can do to prepare:]

Review the new limits and take action as appropriate for your organization.