Microsoft Roadmap, messagecenter and blogs updates from 23-01-2026

Updated January 22, 2026: We have updated the timeline. Thank you for your patience.

[Introduction]

Starting end of February 2026, we will introduce jailbreak and root detection for Entra credentials in the Microsoft Authenticator app on both iOS and Android platforms. This change enhances security by preventing Entra credentials from functioning on jailbroken/rooted devices. All existing Entra credentials on jailbroken or rooted devices will be wiped to protect your organization. This capability is secure by default and does not require any admin configuration or control.

[When this will happen] 

General Availability (Worldwide iOS) rollout begins in end of February 2026 and is expected to complete in May 2026 (previously April).

General Availability (Worldwide Android) rollout begins in March 2026 (previously February) and is expected to complete in June 2026 (previously April).

[How this affects your organization]

Who is affected: All users of Microsoft Authenticator on iOS and Android whose Entra credentials are registered on jailbroken or rooted device. This is going to be a continuous check.

What will happen:

• The feature is secure by default and enabled to all customers. There is no opt-out capability..
• Users on jailbroken or rooted devices will experience the following phased rollout. An estimated gap between 3 phases is ~ 1 month.
  • Phase 1 – Warning Mode: Users receive a warning that their device is jailbroken or rooted and will be blocked in the future (screenshots 1-4): 

  

  

  

  

  • Phase 2 – Blocking Mode: Users are blocked from registering Entra credentials or signing in via Authenticator (screenshots 5-8):

  

  

  

  

  • Phase 3 – Wipe Mode: Existing Entra credentials are wiped from jailbroken or rooted devices (screenshots 9-11):

  

  

  

• Users on non-Jailbroken or non-rooted devices will not be affected.

[What you can do to prepare]

• Notify users about this upcoming change. Users will see error messages or banners in the Authenticator app during warning or blocking phases. These screens are dismissible but indicate the device status.
• Communicate to helpdesk staff that Authenticator will become unusable for Entra accounts on jailbroken or rooted devices.
• Update internal documentation if you reference Authenticator usage.
• No admin action is required to enable or configure this feature.

Learn more: About Microsoft Authenticator | Microsoft Support

[Compliance considerations]

No compliance considerations identified, review as appropriate for your organization.

Updated January 22, 2026: We have updated the timeline. This feature will be enabled for en-US only initially. Thank you for your patience. 

[Introduction:]

Audio summaries help users absorb content quickly, but they’ve traditionally been passive, one-way experiences. Listeners can’t clarify, explore, or dive deeper without breaking flow — forcing them to pause, switch modes, and manually search for answers. Based on feedback for more dynamic and immersive audio experiences, Microsoft is introducing real-time voice interactions in Podcast. The new interactive podcast feature transforms this into a dynamic, conversational experience, where users can join the hosts’ discussion of their document, ask questions in real time, and uncover insights naturally — staying immersed while gaining understanding faster.

This message is associated with Microsoft 365 Roadmap ID 523206.

[When this will happen:]

General Availability (Worldwide): Rollout will begin in early February 2026 (previously early January) and is expected to complete by early March 2026 (previously end of January).

[How this affects your organization:]

• Who is affected: Customers with Copilot licenses who generate audio overviews.
• What will happen:
  • Users will be able to join podcast conversations and ask questions in real time.
  • The feature enhances document-based podcasts with interactive voice capabilities.
  • The feature will be ON by default for eligible users.
  • No changes to existing admin policies are required.

[What you can do to prepare:]

• No admin action is required.
• Communicate this change to helpdesk staff.
• Update internal documentation if you reference podcast or audio overview features.
• For more information, refer to upcoming documentation in the Microsoft Learn portal.

[Compliance considerations:]

No compliance considerations identified, review as appropriate for your organization.

Updated January 22, 2026: We have updated the timeline. This feature will be enabled for en-US only initially. Thank you for your patience. 

[Introduction:]

Read Aloud is evolving from a passive listening tool into an interactive experience. By integrating Copilot Q&A, users can now ask questions and refine their understanding of document content in real time—without interrupting their workflow. This enhancement supports accessibility, improves comprehension, and helps users stay focused while gaining insights faster.

A Microsoft 365 Copilot license is required to use this feature.

This message is associated with Microsoft 365 Roadmap ID 523205.

[When this will happen:]

General Availability (Worldwide): Rollout will begin in early February 2026 (previously early January) and is expected to complete by early March 2026 (previously end of January).

[How this affects your organization:]

• Who is affected: All users of Read Aloud in Microsoft 365. Users with a Microsoft 365 Copilot subscription will receive the enhanced experience.
• What will happen:
  • Users with Copilot will see a new interactive voice-driven Read Aloud experience.
  • The entry point remains the same as classic Read Aloud.
  • Users without Copilot will continue to use the classic Read Aloud functionality.
  • No changes to admin policies or configurations are required.
  • The feature is enabled by default for eligible users.

[What you can do to prepare:]

• No admin action is required.
• Notify your users about the upcoming change.
• Update internal documentation if you reference Read Aloud functionality.
• If you manage helpdesk communications, consider sharing a short blurb about the new experience.

[Compliance considerations:]

Updated January 22, 2026: We have updated the timeline. Thank you for your patience. 

[Introduction]

To enhance wireless content sharing in meeting spaces, Microsoft Teams Rooms on Windows devices will soon support Miracast. This complements existing options like Teams Cast and HDMI ingest and is available for devices including touch boards. This feature is exclusive to Teams Rooms Pro.

This message is associated with Roadmap ID 506748.

• Targeted release: We will begin rolling out in mid-March 2026 (previously mid-February) and expect to complete by end of March 2026 (previously end of February).
• General Availability: We will begin rolling out end of March 2026 (previously end of February) and expect to complete by mid-April 2026 (previously end of March).

Who is affected: Admins managing Teams Rooms on Windows devices with Teams Rooms Pro licenses.

What will happen:

• Miracast will be available as a wireless sharing option in Teams Rooms on Windows.
• The feature will be OFF by default and can be enabled via a tenant-wide toggle in the IT admin portal.
• Laptop devices must support Miracast to use this feature.
• No impact to end-user workflow unless enabled by admin.

• Review your Teams Rooms device compatibility with Miracast.
• Enable the feature via the IT admin portal if desired.
• Communicate the availability of Miracast to helpdesk and meeting room support staff.
• Update internal documentation to reflect the new sharing option.

No compliance considerations identified, review as appropriate for your organization.

Updated January 22, 2026: We have updated the timeline. Thank you for your patience. 

[Introduction]

We’re introducing new Word, Excel, and PowerPoint agents in Microsoft 365 Copilot to help users create documents, workbooks, and presentations more efficiently in Copilot Chat within the Frontier program. These agents assist with creating documents, workbooks, and presentations by using web and enterprise grounding. Each agent supports multi-turn chat, enabling user to refine content through an interactive back-and-forth conversation.

[When this will happen:]

• General Availability: January 29, 2026

[How this affects your organization:]

If your organization is part of the Frontier program and has enabled Anthropic usage in your tenant, users will be able to access Word, Excel, and PowerPoint agents via the navigation pane in the M365 Copilot app or within the Tools menu in Copilot chat across Word, Excel and PowerPoint. Additionally, users can invoke these agents by typing “@” followed by the agent name (for example, @PowerPoint).

Who is affected:

• Copilot Chat users in the Microsoft 365 Copilot app in the Frontier Program.

What will happen:

• Users will have access to the following Copilot agents:
• Word agent: Assists with research, formatting, layout, and content refinement for documents such as strategic plans, policy documents, and technical papers.
• Excel agent: Supports data analysis, formula generation, trend identification, and summarization of insights.
• PowerPoint agent: Helps generate presentations from outlines or documents, suggests layouts, and refines visual storytelling.
• Each agent supports multi-turn chat for iterative content development.
• Users can perform high-level iterations on the generated files via chat directly in the Word, Excel, and PowerPoint agents. For more extensive or granular editing, users can open their documents in the respective applications.



• The feature will be ON by default for tenants with Copilot access, Frontier enabled, and for tenants who have opted into Anthropic usage. If Anthropic usage is disabled by the admin, the agents will not appear in the user experience. Learn more: Connect to Anthropic’s AI models | Microsoft Learn.

[What you can do to prepare:]

• No action is required at this time.
• Communicate availability to helpdesk or content teams.
• If desired, review internal documentation or training materials to reflect the new capabilities.

Learn more: Get started with Word, Excel, and PowerPoint Agents in Microsoft 365 Copilot (Frontier)

[Compliance considerations:]

No compliance considerations identified, review as appropriate for your organization.

Updated January 22, 2026: We have updated the timeline and content. Thank you for your patience. 

[Introduction:]

We’re introducing a new way to personalize meeting summaries in Microsoft Teams. The Custom AI Summary feature allows Copilot users to create tailored meeting notes using sample content, instructions, or prebuilt templates. This enhancement is designed to improve flexibility and productivity by enabling users to generate summaries that better suit their needs. 

This message is associated with Microsoft 365 Roadmap ID 501540.

[When this will happen:]

Targeted Release rollout will begin in mid-December 2025 and is expected to complete by mid-January 2026.

General Availability rollout will begin in early February 2026 and is expected to complete by late February 2026.

[Language supported:]

All Teams Intelligent Recap supported languages

[How this affects your organization:]

Who is affected:

Copilot users in Microsoft Teams on desktop (English only).

The feature requires a Microsoft 365 Copilot license.

What will happen:

• Users will see a new option to create custom AI summaries in Teams Meeting Recap.
• Users can build templates using sample notes, freeform instructions, or prebuilt structures.
• Two out-of-box templates will be available: Speaker summary and Executive summary.
• Templates can be saved and reused across meetings.
• The feature is enabled by default for eligible users.
• No admin policy changes are required.

Screenshot 1 – View of a user-created Topic summary:

Screenshot 2 – View of a user-created Topic summary template:

[What you can do to prepare:]

No action is required at this time.

If desired, you may:

• Communicate this update to helpdesk or support staff.
• Encourage Copilot users to explore the new summary options and provide feedback.
• Review internal documentation if you reference Teams Meeting Recap features.

Learn more: What’s New in Microsoft Teams | Microsoft Ignite 2025 | Microsoft Community Hub

[Compliance considerations:]

Updated January 22, 2026: We have updated the timeline. Thank you for your patience. 

[Introduction]

We are adding new, more granular permissions for users to get access to administrative areas in Viva Glint. These areas include Advanced Configuration, Nudges, General Settings, and Viva Integrations. We are also updating the name of the highest privileged role in Viva Glint to “Viva Glint Service Admin,” and for increased security, restricting the ability to assign new Viva Glint Service Admins to the Microsoft Admin Center (MAC) only.

[When this will happen:]

General Availability (Worldwide): Rollout will begin March 9, 2026 (previously early February) and complete by March 9, 2026 (previously early February).

[How this affects your organization:]

Who is affected: Admins managing Viva Glint roles and permissions.

What will happen:

• Additional permissions will be introduced for Advanced Configuration, General Settings, Nudges, and Viva Integrations.
• Assigning Viva Glint Service Admins will only be possible through the MAC.
• M365 Global Admins and Viva Glint Tenant Admins will have sole responsibility for assigning Service Admins.
• All Viva Glint Service Admins will have Advanced Configuration access going forwards
• No changes to existing admin policies; this update enhances security and role clarity.

[What you can do to prepare:]

• Review your organization’s needs to determine how to use these new permissions
• Ensure that only M365 Global Admins or Viva Glint Tenant Admins are prepared to assign Service Admins via MAC.
• Update internal documentation and communicate these changes to your helpdesk or support teams.

Learn more about Viva Glint roles and permissions: Viva Glint documentation.

[Compliance considerations:]

No compliance considerations identified, review as appropriate for your organization.

Updated January 22, 2026: We have updated the timeline. Thank you for your patience. 

[Introduction]

To support organizations that will run additional employee listening programs, such as surveys for AI transformation or change management, we will introduce a dedicated Survey designer role. This role will grant selected users the ability to create and run Viva Glint surveys with only the permissions required for that work. It will not provide access to platform settings or sensitive data. This will allow organizations to expand survey creation in a secure and flexible way.

[When this will happen]

General Availability (Worldwide): We will begin rolling out on March 9, 2026 (previously mid‑February) and expect to complete by March 9, 2026 (previously mid‑February).

[How this affects your organization]

Who is affected:

• Viva Glint customers in Microsoft Viva
• Admins assigning roles and users who create surveys

What will happen:

• A new Survey designer role will be available in Viva Glint.
• Users assigned this role will be able to create and run Viva Glint surveys, collect employee feedback, and manage survey lifecycle tasks.
• Survey designers won’t have access to broader Viva Glint configuration settings or sensitive admin data.
• The role will be available by default but must be explicitly assigned by an admin.

[What you can do to prepare]

• Review which users may benefit from expanded survey creation capabilities.
• Assign the Survey designer role as needed in Viva Glint role management.
• Update internal documentation as relevant.
• Communicate this role availability to stakeholders who run employee listening programs.

[Compliance considerations]

No compliance considerations identified. Review as appropriate for your organization.

Updated January 22, 2026: We have updated the content. Thank you for your patience. 

[Introduction]

With this release, users with a Microsoft 365 Copilot license will be able to set up custom calendar instructions so that Copilot will proactively RSVP to new meeting requests and remove canceled meetings on their behalf. For example, users will be able to instruct Copilot to “Always accept meetings from /name if my calendar is free,” “Always follow meetings after 5pm,” or “Always remove canceled meetings from my calendar,” helping keep their calendars up to date and clutter free. After instructions are set, Copilot will monitor relevant calendar events and take the appropriate action. All actions will appear in notifications in the Copilot button on the Outlook calendar, helping reduce calendar clutter, resolve untriaged invites, and keep users focused on the meetings that matter.

This feature will be available only in new Outlook and Outlook for web, in English language.

The first-run experience for calendar instructions will roll out later and will be the primary way users discover this feature.

[When this will happen]

General Availability (Worldwide): We will begin rolling out worldwide in late January 2026 and expect to complete by early March 2026.

[How this will affect your organization]

Who is affected:

• Users with a Microsoft 365 Copilot license using the new Outlook or Outlook for web.

What will happen:

• Users can set custom calendar instructions that allow Copilot to automatically respond to incoming meeting invites.
• Users can create an instruction for Copilot to always remove canceled meetings from their calendars.
• Copilot will monitor relevant calendar events and perform actions proactively after instructions are set.
• Users will receive notifications and activity logs for all calendar actions Copilot completes.
• No admin policies will change; the feature is available to licensed users as part of Copilot’s calendar capabilities.
• A first-run experience that introduces users to calendar instructions will roll out later to help users discover the feature.

[What you can do to prepare]

• Ensure users who need this capability have a Microsoft 365 Copilot license.
• Inform helpdesk staff or update internal documentation as needed.
• No additional admin configuration is required.

[Compliance considerations]

No compliance considerations identified. Review as appropriate for your organization.

As mentioned in MC540749 and MC1029989, Microsoft Entra ID (formerly known as Azure Active Directory) and Microsoft Intune will retire the Conditional Access “Require approved client app” grant control in June 2026 (previously March 2026). We recommend utilizing the “Require application protection policy” grant control, which provides the same data loss and protection with additional benefits.

[How this will affect your organization:]

If you have a Conditional Access policy with “Require approved client app” grant control configured, after this change, you will no longer be able to enforce this control, it will be as if this grant is not selected.

[What you need to do to prepare:]

We recommend updating your Conditional Access policy to using the “Require application protection policy” grant control. For more information, see Migrate approved client app to application protection policy in Conditional Access.

[Introduction]

We’re expanding Microsoft Purview Insider Risk Management with new, ready-to-use risk indicators for Microsoft Fabric lakehouse activities. These indicators complement the existing Power BI indicators and help organizations detect potential data theft or data leakage involving Fabric lakehouse assets.

This message is associated with Microsoft 365 Roadmap ID 543243.

[When this will happen]

General Availability (Worldwide): We will begin rolling out in late February 2026 and expect to complete by late February 2026.

[How this will affect your organization]

Who is affected:

• Insider Risk Management administrators using indicators within data theft or data leak policies.
• Organizations with users working in Microsoft Fabric lakehouses.

What will happen:

• New ready-to-use risk indicators for Fabric lakehouse user activities will be available in the Insider Risk Management indicator catalog.
• You can use these indicators in data theft and data leaks policies.
• Insider Risk Management admins with appropriate permissions can opt in to these new indicators in the Microsoft Purview portal.
• The indicators are not enabled by default.
• No changes will occur to existing Power BI indicators or policies unless updated by an admin.
• These indicators will appear in the new Microsoft Purview portal.

[What you can do to prepare]

No immediate action is required. If you want to use Fabric lakehouse indicators:

• Review your Insider Risk Management configuration in the Microsoft Purview portal.
• Enable the new indicators:
  • Go to Insider Risk Management > Settings > Indicators in the new Microsoft Purview portal.
• Update any internal documentation that lists available indicators.
• Consider informing your security operations and compliance teams about these new detection capabilities.
• Learn more: Configure policy indicators in Insider Risk Management | Microsoft Purview | Microsoft Learn

[Compliance considerations]

No compliance considerations identified. Review as appropriate for your organization.

[Introduction]

This feature provides admin’s control over Outbound MTA-STS and SMTP DANE validations for emails sent over outbound connectors in Exchange Online, allowing organizations to choose how strictly the service enforces MTA-STS and SMTP DANE when sending mail to external domains.

Admins will be able to configure each outbound connector to use the following modes:

1. Opportunistic [default], applies to both MTA-STS and SMTP DANE. Opportunistic Mode means Exchange Online will attempt to perform validations for both MTA-STS and SMTP DANE but still sends the message if the destination doesn’t support either protocol.
2. None, which applies to both MTA-STS and SMTP DANE and disables the validation entirely, therefore reducing the security of emails sent over that connector by removing MTA-STS and/or SMTP DANE protections designed to prevent downgrade attacks and spoofed MX redirection.
3. Mandatory, applies only to SMTP DANE and enforces full SMTP DANE and DNSSEC validation, requiring the destination to support Inbound SMTP DANE with DNSSEC and queueing mail if the validation does not succeed.

[When this will happen]

General Availability (Worldwide): We will begin rolling out in late February 2026 and expect to complete by late March 2026.

[How this will affect your organization]

Connectors will default to Opportunistic Mode. Opportunistic Mode is already the default behavior for Exchange Online outbound connectors. 

[What you need to do to prepare]

If you do not want to change the MTA-STS and/or SMTP DANE validation behavior for your outbound connectors, there is no action you need to take and you can ignore this post.

If you do want to change the MTA-STS and/or SMTP DANE validation behavior for your outbound connectors, review the documentation on this feature which will be updated and provided in this post prior to release. 

[Compliance considerations]

No compliance considerations identified. Review as appropriate for your organization.

[Introduction]

We’re retiring the Microsoft Defender for Endpoint (MDE) API and XDR API and transitioning customers to the Microsoft Graph Security API. This update aligns our security integrations with a unified interface and schema across Microsoft Defender products. The Microsoft Graph Security API provides broader data coverage, improved consistency, and better scalability for automation and security workflows.

[When this will happen] 

• Retirement start: February 6, 2026
• Full retirement: February 1, 2027
• After February 1, 2027, the MDE and XDR APIs will no longer function.

[How this affects your organization]

Who is affected: 

• Organizations using the MDE API or XDR API for automation, integration, or custom workflows.
• You are receiving this message because our reporting indicates your organization may be using these APIs.

What will happen:

• The MDE and XDR APIs will stop functioning after February 1, 2027.
• Existing scripts, automations, and workflows that rely on these APIs will fail if not updated.
• The Microsoft Graph Security API will be the supported API for accessing Microsoft security data.
• No automatic migration will occur; manual updates will be required.

[What you can do to prepare]

• Migrate all existing API workflows to the Microsoft Graph Security API by January 31, 2027.
• Update internal documentation, automation scripts, and integration endpoints to use the Microsoft Graph Security API.
• Communicate these changes to your security operations, engineering, and development teams.
• Review Microsoft documentation to plan your migration: Use the Microsoft Graph security API.
• If your organization uses custom solutions, validate that new queries and response schemas work as expected before the retirement date.

Learn more:

• Advanced hunting – Use the Microsoft Graph security API | Microsoft Graph | Microsoft Learn
• Migrate from the older APIs – Use the Microsoft Graph security API | Microsoft Graph | Microsoft Learn
• (to be retired) Microsoft Defender for Endpoint (MDE) API
• (to be retired) Microsoft Defender XDR API

[Compliance considerations]

No compliance considerations identified. Review as appropriate for your organization.

Updated January 20, 2026: We’ve updated how Teams meeting join links appear in meeting invites. As part of the broader rollout of the new, shorter meeting URL format, meeting invites now display the full join link directly instead of a labeled “Join the meeting now” hyperlink. This improves link consistency, reliability across clients and email applications, and makes copying and sharing the link easier. This update does not change meeting functionality or attendee experience. Existing Teams and Outlook clients continue to support the new link format.

Please note that information about meeting link expiry changes related to this rollout has been added.

We are reducing the length of Microsoft Teams meeting URLs for easier sharing. This rollout applies to all Microsoft Teams platforms (Teams for iOS, Android, Mac, Teams devices, desktop, and web).

This message is associated with Microsoft 365 Roadmap ID 381953.

[When this will happen:]

Targeted Release: We will begin rolling out mid-February 2025 (previously mid-January) and expect to complete by late February 2025 (previously late January). Only Meet Now use cases (except Meet Now in chats and channels) will be affected in this timeframe. There will be no impact on the scheduled meetings in this phase.

General Availability (Worldwide, GCC): We will begin rolling out January 2026 (previously mid-May 2025) and expect to complete by end of January 2026 (previously late May 2025).  

General Availability (GCC High, DoD):  We will begin rolling out February 2026 (previously early August 2025) and expect to complete by end of February 2026 (previously late October 2025).

[How this will affect your organization:]

The new URL syntax is: https://teams.microsoft.com/meet/<meeting_id>?p=<HashedPasscode>

To make meeting URL shorter, we are removing several parameters such as tenant ID, conversation ID etc. This change serves two main goals: 1) improving usability of URL during sharing and 2) making the URL more secure and less susceptible to malicious attacks.

Here are some details about how meeting links work and when they expire:

1. In case the meeting organizer gets removed from the tenant, the links to the meetings scheduled by them automatically expire.
2.  Every meeting link expires in 60 days after the scheduled event or in 8 hours, if it was created as Meet Now. Learn more about expiration timelines for different types of meetings.

With the Short Meeting URL release, expiration limit will be applied to all newly created links.

Once the change to Short Meeting URL is released, all newly created meetings will expire as described in the documentation: 60 days after meeting ends for scheduled meetings and 8 hours after creation for Meet Now. Once this expiry period is over, in case someone clicks the link (e.g. outside of Teams app OR in the meeting details inside Teams calendar section), they will be unable to join the meeting.

Note: Old links created before short meeting URL release will continue working as it previously was (user will be able to join even after the documented expiry limits).

The reason why we are making this change is simple: security is our topmost priority. Maintaining a high security level is essential to protect sensitive data, prevent financial losses, ensure business continuity, and meet compliance and legal obligations. It is a critical aspect of modern digital life and business operations. This adjustment is designed to enhance the security of Teams meeting links, thereby better safeguarding the customer tenant. We want to be on par with modern security standards, that’s why the new behavior is a step in the right direction that we must take. It’s not possible to keep the current behavior. If you think it breaks some of your business processes, please leave comment to the MC post and describe your case there.

Recommendations in case the meeting link has expired:

For meeting organizer: We recommend scheduling a new meeting. If the meeting organizer got removed from the tenant someone else should reschedule their meetings from scratch.

For participant: Please reach out to the meeting organizer and ask them to reschedule the meeting or send you an updated link.

[What you need to do to prepare:]

You may want to check if you have any integrations that use parameters from URL. After the rollout, the URL will only contain the meeting ID. Parameters such as tenant ID, organizer ID, conversation ID and message ID will not be in the URL.

You may inform meeting organizers from your tenant who use expired meeting links, or you may want to make a tenant-wide announcement about this change.

This rollout will happen automatically by the specified date with no admin action required. You may want to notify your users about this change and update any relevant documentation as appropriate.