Microsoft Roadmap, messagecenter and blogs updates from 11-10-2025

Updated October 10, 2025: After further evaluation we have determined that this feature will not roll out at this time to ensure the best experience for our customers. You can safely disregard this message. Thank you for your understanding.

Introduction

We’re introducing the Microsoft 365 Copilot agents report, a new Power BI report available in Microsoft Viva Insights. This report provides visibility into the usage of declarative agents, which extend Microsoft 365 Copilot capabilities. It enables leaders and admins to understand adoption trends across their organization and explore usage patterns for individual agents.

This new feature is associated with Microsoft 365 Roadmap ID 488104.

When this will happen

Public Preview (Worldwide): We will begin rolling out in early October 2025 (previously mid-September) and expect to complete by mid-October 2025 (previously late September).

General Availability (Worldwide): We will begin rolling out in early December 2025 and expect to complete by late December 2025.

How this affects your organization

The report will be available to leaders, delegates, managers, and analysts with access to the Reports page in Viva Insights. It includes:

A summary of agent adoption over time, agent responses, and usage by creator type, including a preview of top agents used:

Agent usage within Microsoft apps that include Copilot experiences:

A list of agents used in your organization, sorted by active users:

A deep dive into individual agent usage and retention, segmented by organization:

In aggregated metrics, insights from all in-scope agents will be included. To protect employee privacy, individual agent metrics will only be shown if usage meets the minimum group size threshold.

What you can do to prepare

• Review the impact of this report for your organization.
• Consider engaging your works council if applicable.
• Update training materials and documentation.

Learn more: 

• Copilot Analytics introduction | Viva Insights | Microsoft Viva | Microsoft Learn
• Customize Viva Insights privacy settings – Minimum group size | Viva Insights | Microsoft Viva | Microsoft Learn
• Declarative agents for Microsoft 365 Copilot overview | Extensibility | Microsoft 365 Copilot | Microsoft Learn

Compliance considerations

No compliance considerations identified, review as appropriate for your organization.

[Introduction]
We’re upgrading the Copilot experience in Microsoft Loop to align with Microsoft 365 Copilot Pages. In the interim, some of the Copilot integrations will be temporarily removed. Once fully completed, this update replaces older Copilot integrations with a consistent, high-quality model—reducing user confusion and improving reliability across chat and page contexts.

[When this will happen:]

• Temporary removal of older Copilot integrations: Rolled out on September 9, 2025.
• Upgraded experience: Currently in development. More details will be shared in a future post.

[How this affects your organization:]
Who is affected: All Microsoft 365 tenants using Microsoft Loop.
What will happen:

• Older Copilot integrations will be removed from Loop.
• Users will see a consistent set of Copilot entry points that match the Microsoft 365 Copilot Pages experience.
• Prompts will return results consistent with Microsoft 365 Copilot Pages.
• During the transition, users can still access Copilot via the chat button or create a Recap on a page, using older integrations.
• Once the upgrade is complete, Copilot Shortcuts, Ask Copilot in the context menu, improved chat performance, and updated model capabilities will be restored.

[What you can do to prepare:]

• Remove references in training materials to:
  • Slash menu commands like Draft page content or Summarize page
  • Ask Copilot context menu
  • Copilot integration during page creation
• Update documentation to reflect that:
  • Page creation and summarization will be fully integrated into the Copilot chat experience.
  • Users will be able to interact with Copilot on selected content using Ask Copilot context menu when functionality is restored.

[Compliance considerations:]
No compliance considerations identified, all compliance capabilities will be the same as the Microsoft 365 Copilot Pages experience. 

[Introduction]

To simplify and streamline notification experiences across Microsoft 365, Microsoft is retiring the desktop notification capability in Viva Engage. This change helps reduce redundancy and ensures consistency across supported channels such as Teams, Outlook, and Viva Engage in-app notifications. It also affects how users receive @mention and community announcement notifications on desktop.

[When this will happen:]

This change will roll out automatically by mid-November 2025. 

[How this affects your organization:]

• Who is affected:
  • Users who previously enabled desktop notifications in Viva Engage.
  • Tenant admins who configured desktop notification settings in Admin Center.
• What will happen:
  • The following settings will be removed:
    • The Allow users to enable desktop notifications setting will be removed from Admin Center.

    

    • The Desktop push notifications option will be removed from user Notification settings.

    

  • Users will no longer receive @mention and community announcement notifications via desktop push.
  • Users will continue to receive notifications via:
    • Viva Engage in-app
    • Microsoft Teams
    • Outlook (web, mobile, and desktop)

[What you can do to prepare:]

• Inform users that desktop notifications—including @mention and community announcement alerts—will no longer be available in Viva Engage.
• Encourage users to rely on Teams, Outlook, and Viva Engage in-app notifications.
• Update internal documentation if it references desktop notification settings.
• No admin action is required for this change.

[Compliance considerations:]

No compliance considerations identified, review as appropriate for your organization.

[Introduction]

To improve visibility and control over Copilot agents, Microsoft is introducing a new capability in the Microsoft 365 admin center that allows administrators to manage SharePoint agents directly from the Agents section of the Copilot Control System (formerly Integrated Apps). This update provides a centralized view of all shared agents and enables admins to block or unblock specific agents used in Copilot Chat.

This message is associated with Roadmap ID 487857.

[When this will happen:]

General Availability (Worldwide): Rollout begins in late September 2025 and is expected to complete by late October 2025.

[How this affects your organization:]

• Who is affected: Microsoft 365 administrators managing Copilot agents; organizations using SharePoint agents in Copilot Chat.
• What will happen:
  • A new Agents section will appear in the Microsoft 365 admin center under Copilot Control System.

  

  • Admins will be able to view all SharePoint agents used in Copilot Chat.
  • Admins can block or unblock specific agents from being used in Copilot Chat.
  • Blocking currently only affects Copilot Chat, not OneDrive, SharePoint, or Teams.
  • The feature is available by default; no opt-in is required.

[What you can do to prepare:]

• No immediate action is required unless you wish to block specific agents.
• Agents used in Copilot Chat will automatically appear in the admin center.
• To manage agents:
  • Go to Microsoft 365 admin center > Copilot Control System > Agents.
  • Review agent activity and block any agents as needed.
• Update internal documentation and helpdesk guidance as needed.

[Compliance considerations:]

No compliance considerations identified, review as appropriate for your organization.

We’re introducing support for Model Context Protocol (MCP)-based agents in Microsoft 365 Copilot and the Microsoft 365 admin center. This update enables developers to build Copilot agents using MCP servers and allows users and admins to interact with these agents using familiar experiences. This change supports extensibility and improves agent management capabilities for organizations.

Rollout will begin in late October 2025 and is expected to complete by mid-November 2025.

Who is affected:

• Admins managing Microsoft 365 Copilot
• Users accessing Copilot agents

What will happen:

• MCP-based agents will appear in the Copilot Agent Store
• Users can install MCP-based agents directly from the store
• Admins can deploy MCP-based agents to users via the store or custom packages
• Admins will see MCP agent details, including server information, in the Microsoft 365 admin center under Copilot > Agents
• Existing extensibility controls and lifecycle management policies for Copilot agents will apply to MCP-based agents
• The feature will be ON by default for all tenants

Screenshot 1 – Admin view:

Screenshot 2 – User view:

[What you can do to prepare:]

• No action is required at this time
• Review the MCP-based agent catalog to ensure agents align with your organization’s policies
• Update internal documentation if you track agent types or deployment methods
• Communicate this change to helpdesk or support teams as needed

No compliance considerations identified, review as appropriate for your organization.

Microsoft Graph now includes APIs that support Teams administration scenarios through beta:

• Teams User Configuration API
• Number Management APIs
• Policy Assignment APIs

These APIs enable programmatic access to user configurations, telephone number management, and policy assignments—helping organizations automate and scale Teams management. They are designed to support extensibility, automation, and integrations with your existing tools and workflows.

Please note that these APIs are currently available via the Microsoft Graph through beta. They are supported in commercial environments and accessible through both delegated and application permissions.

• Who is affected: Admins managing Teams users, policies, or voice configurations.
• What will happen:
  • Teams User Configuration API: Retrieve detailed Teams settings for users, including effective policy assignments and voice attributes. Details: List userConfigurations
  • Number Management APIs: Retrieve telephone number details, assign, and unassign telephone numbers. Details: List numberAssignments
  • Policy Assignment APIs: Assign or unassign Teams policies for users. Details: teamsPolicyUserAssignment: assign

• Begin exploring the APIs using the Microsoft Graph beta endpoints.
• Ensure your applications and scripts use the appropriate permission scopes.
• For feedback or questions, contact: [email protected]

Learn more:

• User Configuration Graph API – List userConfigurations | Microsoft Graph | Microsoft Learn
• Number Management Graph API(s) – List numberAssignments | Microsoft Graph | Microsoft Learn
• Policy Assignment/Un-Assignment Graph API(s) – teamsPolicyUserAssignment: assign | Microsoft Graph | Microsoft Learn

[Compliance considerations:]

No compliance considerations identified, review as appropriate for your organization.

[Introduction]

To help organizations gain deeper insights into Copilot adoption—especially among users with Copilot licenses—we’re introducing new usage intensity metrics in the Microsoft 365 admin center. These metrics include aggregated prompt activity at both the organization and user levels. User-level metrics capture total prompts submitted across Copilot Chat (work) and Copilot Chat (web), as well as active days. This enhanced visibility enables admins to track usage patterns and adoption trends more effectively.

The update to the report is rolling out and will be available under Reporting > Usage > Microsoft 365 Copilot > Copilot.

This message is associated with Microsoft 365 Roadmap ID 503860.

[When this will happen:] General Availability (Worldwide): Rollout begins mid-October 2025 and is expected to complete by late October 2025.

[How this affects your organization:]

• Who is affected: Admins managing Microsoft 365 Copilot usage reporting.
• What will happen: Following new metrics will be available: 
  • Total and average prompt counts at both organization and user levels
  • Daily prompt submission trends in Copilot Chat
  • Prompts submitted (any app)
  • Copilot Chat (work) prompts submitted
  • Copilot Chat (web) prompts submitted
  • Active days

[What you can do to prepare:]

• No admin action is required prior to rollout.
• Inform relevant stakeholders to begin utilizing the updated report once available.
• Review updated reporting paths and metrics in the Microsoft 365 admin center.

Learn more: Microsoft 365 reports in the admin center – Microsoft 365 Copilot usage | Microsoft 365 | Microsoft Learn

[Compliance considerations:]

No compliance considerations identified, review as appropriate for your organization.

[Introduction]

Admin activity related to agent management will now be logged in Microsoft Purview Unified Audit Logs. This enhancement improves visibility and traceability for security teams managing Copilot agents across Microsoft 365 services.

This message is associated with Microsoft 365 Roadmap ID 498227.

[When this will happen:]

General Availability (Worldwide): Rollout will begin in late October 2025 and is expected to complete by mid-November 2025.

[How this affects your organization:]

Who is affected:Admins managing Microsoft Copilot agents in Microsoft 365 environments.

What will happen:

• Admin actions such as publishing, deploying, removing, and updating agents will be logged.
• Changes to agent settings at both tenant and agent levels will be captured.
• Audit schema includes key data points such as agent name, agent type, and admin ID.
• Logs will be accessible via the Purview Portal.
• Feature is enabled by default; no configuration required.

Screenshot 1 – Search view in the new Microsoft Purview Unified Audit Log:

Screenshot 2 – Details view in the new Microsoft Purview Unified Audit Log:

[What you can do to prepare:]

• Security teams can begin searching and reviewing agent-related admin actions in the Purview Portal.
• Familiarize yourself with audit log search capabilities in Purview.
• No additional configuration is required to enable logging.

[Compliance considerations:]

[Introduction:]

To improve threat detection accuracy and responsiveness, Microsoft Defender for Cloud Apps is expanding its dynamic model for threat protection. This update enhances the signal-to-noise ratio (SNR) of detections and enables faster adaptation to emerging threats, helping security teams stay ahead of evolving risks.

This rollout continues the migration of legacy threat detection policies, following the first batch announced in Message center post MC1061724. The second batch introduces new detections that replace several legacy policies, further aligning with our goal of delivering more precise, research-driven protection.

[When this will happen:]

General Availability (Worldwide, GCC, GCC High, DoD): Rollout begins early November 2025 and is expected to complete by the end of November 2025.

[How this affects your organization:]

Who is affected:

Organizations using Microsoft Defender for Cloud Apps, including tenants in Worldwide, GCC, GCC High, and DoD environments.

What will happen:

• The dynamic model will be expanded to include additional research-driven detections.
• These detections are continuously updated by Microsoft security researchers to reflect the evolving threat landscape.
  • Detections may be added, removed, or modified dynamically to ensure optimal protection.
  • These are research-driven and enabled by default, requiring no manual configuration.
• The second batch of legacy policies being migrated includes:
  • “Unusual ISP for an OAuth App”
  • “Suspicious file access activity (by user)”
• These will be replaced with the following detections:
  • Replacing “Unusual ISP for an OAuth App”:
    • “OAuth application activity from an unknown ISP (Preview)”
  • Replacing “Suspicious file access activity (by user)”:
    • “Suspicious file access from untrusted ISP and user agent with malicious IP indicator (Preview)”
    • “Suspicious file access indicative of lateral movement (Preview)”
  • Adding new detection “Activity from a password-spray associated IP address (Preview)”

• These new detections are already available to you in Preview; the “(Preview)” suffix will be removed once legacy policies are disabled.
• Governance actions configured on legacy policies will be disabled. Admins can re-enable them manually after 24 hours.
• Migrated policies will be listed in Create Defender for Cloud Apps anomaly detection policies | Microsoft Learn.
• Eventually, all other out-of-the-box (OOTB) activity-based policies will be migrated to the new dynamic model. Future Message center posts will provide details as additional policies are transitioned.

By applying the new dynamic model, we aim to deliver more accurate and timely threat detections, enhancing your organization’s overall security posture.

In some cases, legacy policies may be split into multiple detections and alerts to provide deeper visibility and context for SOC teams.

During the gradual migration of OOTB policies, disabled policies will remain temporarily visible in Defender for Cloud Apps. Once migration is complete, these legacy policies will be removed from the legacy policies page. A separate Message center post will be published to confirm their removal.

[What you can do to prepare:]

No admin action is required before rollout.

To prepare:

• Review your current policy configurations to assess impact.
• Notify SOC and helpdesk teams about the updated detections.
• Update internal documentation if referencing legacy policies.
• If you wish to retain governance actions:
  • Wait 24 hours after disablement.
  • Re-enable policies from the legacy policies page at: Defender portal > Cloud apps > Policy management.

[Compliance considerations:]

No compliance considerations identified, review as appropriate for your organization.

[Introduction:]

To help users prepare more effectively for meetings, Microsoft Copilot in Outlook is expanding to support all meetings – including 1:1s. In this update, there will also be new real-time insights that summarize relevant context, tasks, documents, and other resources directly within the meeting event form. Users will also be able to chat with Copilot to prepare more deeply, whether it’s confirming action items or learning more about meeting goals. Customer feedback has been focused on providing a more comprehensive meeting preparation experience, and with this update, users will be more informed and ready to engage.

[When this will happen:]

• General Availability (Worldwide): Begins mid-October 2025; expected completion by November 2025

[How this affects your organization:]

Who is affected:

• All users in tenants with Microsoft Copilot enabled and using Outlook

What will happen:

• Copilot will help users prepare for all meetings 
• Users will see contextual insights within the Outlook meeting event form
• Suggested prompts will help users prepare more deeply in chat with Copilot
• The feature is ON by default for all eligible tenants
• No changes to existing admin policies or configurations are required

[What you can do to prepare:]

No action is required at this time. However, we recommend the following to maximize value:

• Inform users about the expanded meeting coverage and encourage them to explore the enhanced summaries in Outlook
• Consider updating internal documentation or training materials to reflect the new capabilities

[Compliance considerations:]

As part of our ongoing security efforts, we have made a recent change to Certificate-Based Authentication (CBA) behavior for Exchange ActiveSync. The enhancement is designed to support TLS 1.3, strengthening security and reliability for our customers.

With this change all Exchange ActiveSync CBA traffic will be routed to new, dedicated endpoints based on tenant location

[How this will affect your organization:]

This change has already begun to roll out in the worldwide multi-tenant cloud and will start rolling out in other clouds starting November 2025. As a result of this change all Exchange ActiveSync CBA traffic will be routed to new, dedicated endpoints based on tenant location:

• Multi-tenant (Worldwide and GCC): outlook-cba.office365.com
• DoD: outlook-dod-cba.office365.us
• GCC-High: outlook-cba.office365.us

[What you need to do to prepare:]

For most Exchange ActiveSync clients, this change will be seamless. The client traffic will be implicitly redirected to the new CBA endpoints without any user action required.

However, if your organization uses a Secure Email Gateway (SEG) or similar gateway that filters or inspects ActiveSync traffic, you may need to update your firewall or gateway configuration to allow traffic to and from the new CBA endpoints listed above.

If you have questions or concerns on this change, please contact your SEG vendor. We appreciate your cooperation and commitment to maintaining a secure environment.

Learn more:

Upcoming TLS Changes for Certificate Based Auth ActiveSync Traffic. 

RFC 8446 – The Transport Layer Security (TLS) Protocol Version 1.3

Specified at [MS-ASHTTP]: Authorization | Microsoft Learn ActiveSync official documentation, EAS requests without authorization header will be treated as a CBA request.  

Introduction:

Microsoft has updated the Microsoft Customer Agreement (MCA) to reflect recent changes in our commercial offerings and ensure alignment with evolving customer needs. Accepting the updated agreement is required to maintain uninterrupted access to Microsoft services.

When this will happen:

This change is effective immediately. Customers should review and accept the updated agreement as soon as possible to avoid service disruptions.

How this affects your organization: 

What will happen:

• Organizations must review and accept the updated MCA to continue placing new orders.
• Failure to accept the new terms will prevent new purchases.
• Partners will be unable to manage subscriptions on behalf of customers who have not accepted the updated agreement.

What you can do to prepare:

• Review and accept the updated Microsoft Customer Agreement in the Microsoft admin center.
• Ensure your partner is informed of your acceptance to avoid disruptions in subscription management.

[Introduction]

To help security teams better manage and report on data loss prevention (DLP) alerts, Microsoft Purview is introducing a new classification property. This feature allows alerts to be categorized directly in the Purview portal as True Positive, False Positive, or Benign Positive. Classifications can be applied individually or in bulk, and they sync bi-directionally with Microsoft Defender.

This message is associated with Microsoft 365 Roadmap ID 511795.

[When this will happen:]

Public Preview: Rollout will begin in late October 2025 and is expected to complete by early November 2025.

General Availability (Worldwide): Rollout will begin in late November 2025 and is expected to complete by early December 2025.

[How this affects your organization:]

• Who is affected: Admins managing DLP alerts in the Microsoft Purview portal.
• What will happen:
  • A new classification property will be available for DLP alerts.
  • Alerts can be classified as True Positive, False Positive, Benign Positive, or Not Set.
  • Classification can be applied individually or in bulk.
  • Classification will sync between Purview and Defender portals.
  • Feature will be enabled by default; no admin action is required to activate.

[What you can do to prepare:]

• No action is required to enable this feature.
• Review internal documentation and update any alert handling workflows.
• Communicate this change to security and compliance teams.
• Use the classification property to enhance reporting and incident response.
• For bulk classification, select multiple alerts and use the Set Status button in the alerts queue page.

For visual guidance, refer to the confirmation email attachments for high-resolution PNGs.

[How to use the feature:]

1. Generate a DLP alert.
2. Open the Purview alerts page.
3. Open the alert details and classify the alert:
   
4. Alerts can be classified using the left panel on the alerts queue page after clicking the Manage Alerts button:
   
   
5. You can also classify multiple alerts in bulk by selecting them and clicking the Set Status button:
   
   

[Introduction]

Browse your company’s approved logos, icons, and photos right inside PowerPoint—no need to search elsewhere. We’re introducing Organization Images in PowerPoint to help users easily access company-approved logos, icons, and photos directly within the app. This feature streamlines brand compliance and saves time by eliminating the need to search for assets externally.

This message is associated with Microsoft 365 Roadmap ID 509111.

[When this will happen:]

General Availability (Worldwide): Rollout will begin in late October 2025 and is expected to complete by late November 2025.

[How this affects your organization:]

Who is affected: All users of PowerPoint in Microsoft 365 tenants with an Organization Assets Library (OAL) configured.

What will happen:

• Users will be able to browse and insert approved images directly from a centralized library in PowerPoint.
• The feature will be ON by default for all tenants. Admins must set up their SharePoint OAL for employees to use this feature effectively.
• Admins can manage which images are available, ensuring brand consistency and compliance.
• Reduces the risk of using outdated or unauthorized images.
• No impact to end-user workflow unless the OAL is not set up.

[What you can do to prepare:]

• Set up the OAL: Create an organization assets library | SharePoint in Microsoft 365 | Microsoft Learn
• Use Microsoft PowerShell to specify the image OAL to be searchable: Connect organizational asset libraries to Copilot | SharePoint in Microsoft 365 | Microsoft Learn
• Upload enterprise images: Add approved logos, pictures, and other image type assets to the designated SharePoint library.
• Create folders by asset type (e.g., logos, images) to enable type-based filtering. Note: Only top-level (L1) folders are supported; subfolders cannot be used for filtering.
• Add robust image metadata for better search: Apply descriptive tags and metadata to each image. For guidance, refer to: 
  • Find and manage images using enhanced image tagging | Microsoft 365 | Microsoft Learn
  • Overview of image tagging | Microsoft 365 | Microsoft Learn

[Compliance considerations:]

No compliance considerations identified, review as appropriate for your organization.