Microsoft Roadmap, messagecenter and blogs updates from 27-02-2026

Updated February 26, 2026: We have updated the timeline. Thank you for your patience. 

[Introduction]

Brand Impersonation Protection for Teams Calling adds proactive safeguards against fraudulent or deceptive external callers who attempt to appear as trusted organizations. This helps reduce social-engineering risks and improves tenant security when users receive first-contact external calls. This update aligns with Microsoft’s ongoing investments in caller identity protection and secure collaboration.

This message is associated with Microsoft 365 Roadmap ID 543239.

[When this will happen:]

Targeted Release: Rollout will begin early April 2026 (previously mid-March) and is expected to complete by late April 2026 (previously late March).
General Availability: Timelines will be communicated in a future message.

[How this affects your organization:]

Who is affected:

• All organizations using Microsoft Teams Calling that receive inbound VoIP calls from first-contact external callers.

What will happen:

• Teams will evaluate inbound calls for signs of brand impersonation.
• Users will see high-risk call warnings before answering suspicious calls.
• Warnings may continue during the call if risk signals persist.
• Users can accept, block, or end the call.
• The feature will be enabled by default.
• Existing Teams Calling policies remain unchanged.

[What you can do to prepare:]

No admin action is required at this time.

• Inform helpdesk staff that users may begin seeing high-risk call warnings.
• Update internal training materials if applicable.
• Review Microsoft documentation on caller ID security when available.

Before rollout, we will update this post with new documentation.

[Compliance considerations:]

No compliance considerations identified, review as appropriate for your organization.

[Introduction]

We’re enhancing AI analysis in Data Security Investigations (DSI) to help analysts evaluate risky content more efficiently. These updates streamline the workflow by automatically preparing items for AI analysis as they’re added to an investigation and by introducing a new standard categorization option. Standard categorization can reduce time and cost, while advanced categorization—including AI‑generated topics—remains available.

This message is associated with Microsoft 365 Roadmap ID 557556.

[When this will happen]

• Public Preview: Rolling out mid‑March 2026 through mid‑April 2026.
• General Availability (Worldwide): Rolling out mid‑April 2026 through mid‑May 2026.

[How this will affect your organization]

Who is affected

• Microsoft Purview administrators and analysts using Data Security Investigations.
• All Microsoft 365 tenants with access to DSI capabilities.

What will happen

• Items added to an investigation will be automatically prepared for AI analysis, reducing manual steps.
• A new standard categorization option will be available.
• Advanced categorization (including AI‑generated topics) remains available.
• No changes to existing admin settings—feature is enabled by default as part of the DSI workflow.
• Users may notice:
  • Faster categorization and analysis readiness.
  • An updated categorization selection interface.

Screenshot – Data Security Investigations standard vs. advanced categorization:

[What you can do to prepare]

No admin action is required before rollout.

To prepare:

• Inform analysts and relevant security operations staff about the new categorization options.
• Update internal documentation if you describe DSI workflows or categorization processes.

Learn:

• Learn about Data Security Investigations | Microsoft Purview | Microsoft Learn
• Use AI analysis in Data Security Investigations | Microsoft Purview | Microsoft Learn

[Compliance considerations]

No compliance considerations identified. Review as appropriate for your organization.

[Introduction]

We’re adding a new Exchange Online admin policy that gives admins more control over the default Mail Compose and Reply setting that determines whether commas are used as recipient separators.

This message is associated with Microsoft 365 Roadmap ID 557676.

[When this will happen]

• General availability (Worldwide): Rollout will begin in early April 2026 and complete by mid‑April 2026.

[How this will affect your organization]

Who is affected

• Exchange Online administrators
• All users composing or replying to email in Outlook where no per‑user override is configured

What will happen

• A new admin policy will be available to set the tenant‑wide default for “Use commas as recipient separators.”
• Admins can choose whether the default is on or off for all users.
• Users may still change this setting in their Outlook client unless an admin enforces a policy that locks it: 

  

• This update is especially useful for organizations whose contacts commonly use “Last name, First name” formats.
• No changes will occur automatically—tenants will retain existing behavior unless an admin modifies the policy.

[What you can do to prepare]

No action is required.

If desired, you may:

• Review your organization’s preferred recipient formatting conventions.
• Update internal documentation if your helpdesk or user‑training materials reference this setting.
• Configure the new admin policy after rollout if you want to establish a consistent default.

[Compliance considerations]

No compliance considerations identified. Review as appropriate for your organization.

[Introduction]

The Bing Maps data provider will be retired in the near future. To ensure service continuity, SharePoint’s Weather, World Clock, and Events web parts will migrate to Azure Maps as the new backend data provider. This update is backend-only and does not change any end-user functionality or experience.

[When this will happen]

General Availability (Worldwide, GCC): Rollout will begin in late March 2026 and complete by late April 2026.

[How this affects your organization]

Who is affected:

• Organizations using the SharePoint Weather, World Clock, or Events web parts.
• Admins responsible for allowlists, network security, or governance of SharePoint sites.

What will happen:

• The data provider for these web parts will migrate from Bing Maps to Azure Maps.
• Azure Maps services used by these web parts are supported in most regions except China.
• No changes occur to end-user experience or configuration.
• No admin toggle is provided; migration is automatic.

[What you can do to prepare]

• Add atlas.microsoft.com to your organization’s allowlist if applicable.
• Confirm that network, firewall, and proxy configurations allow traffic to this domain.
• Review SharePoint pages that use these web parts.
• Communicate this backend update to site owners or helpdesk staff as needed.
• Update internal documentation as needed.

Learn more: 

• Use the Events web part | Microsoft Support
• Use the World clock web part | Microsoft Support
• Show the weather on your page | Microsoft Support

[Compliance considerations]

No compliance considerations identified. Review as appropriate for your organization.

[Introduction]

We are rolling out an update to Microsoft Teams Audio Recap that will expand support to eight additional languages. This enhancement is designed to help more users access concise, podcast‑style summaries of their meetings in their preferred language, improving inclusivity and meeting follow‑up for global organizations. Audio Recap will be available across Android, Desktop, iOS, and Web, ensuring consistent access for users on all major Teams clients. A Microsoft 365 Copilot license will be required to use this feature once rollout is complete.

This update is associated with Microsoft 365 Roadmap ID 554926

[When this will happen]

• Targeted Release: Rollout will begin in early March 2026 and complete by mid‑March 2026.
• General Availability (Worldwide): Rollout will begin in late March 2026 and complete by mid‑April 2026.

[How this affects your organization]

Who is affected

• Microsoft 365 tenants with users who have a Microsoft 365 Copilot license
• All Microsoft 365 tenants where Teams Audio Recap is available

What will happen

• Audio Recap will begin supporting eight additional languages, including variations across:
  • Chinese
  • English
  • French
  • German
  • Italian
  • Japanese
  • Portuguese
  • Spanish
• Users will see these languages as options on the Audio Recap generation page once rollout is complete: 

  

  

• No admin policy changes or configuration will be required.
• The feature will remain on by default for tenants where Audio Recap is already available.

[What you need to do to prepare]

No action is required.

Optional preparation steps include:

• Update internal training materials to reflect new language availability.
• Inform helpdesk staff that new language options will appear beginning in March 2026.

Learn more: Listen to audio recaps of your meetings | Copilot in Teams | Copilot | Microsoft Support

[Compliance considerations]

This feature stores new customer data. Generated audio recap files will be stored in the user’s OneDrive.

[Introduction]

We are introducing a new handoff experience that allows users to take content created in Copilot Pages and seamlessly continue authoring as a SharePoint news post. This update helps users move from ideation to publishing more efficiently.

[When this will happen:]

General Availability (Worldwide, GCC): We will begin rolling out on late May 2026 and expect to complete by mid-June 2026.

[How this affects your organization]

Who is affected:

• Users who create content in Copilot Pages and publish SharePoint News
• Organizations using Microsoft 365 Copilot with SharePoint Online

What will happen:

• Users can move content from Copilot Pages directly into a SharePoint News post.
• A new SharePoint option will appear under the Create button in Copilot Pages:

  

• Selecting SharePoint opens the content in SharePoint News for continued editing and publishing.
• The feature is enabled by default.
• Existing SharePoint permissions, policies, and governance controls are respected.
• There is no disruption to existing SharePoint News workflows.

[What you can do to prepare]

No specific action is required. You may consider:

• Inform users who regularly publish SharePoint News about the new Copilot Pages handoff.
• Update internal documentation or training materials if you reference Copilot or SharePoint authoring workflows.
• Review SharePoint News governance and permissions to ensure they align with your organization’s publishing practices.

[Compliance considerations]

No compliance considerations identified, review as appropriate for your organization.

[Introduction]

We’re extending Microsoft Defender for Office 365 (MDO) URL click alerting to Microsoft Teams, giving security teams greater visibility into potentially malicious activity beyond email. By surfacing alerts when users click malicious or suspicious links in Teams messages, organizations can detect threats earlier, investigate faster, and respond more effectively—all from the Microsoft Defender portal.

This message is associated with Microsoft Roadmap ID 557549.

[When this will happen:]

• Public Preview (Worldwide): We will begin rolling out late February 2026 and expect to complete by early March 2026.
• General Availability (Worldwide): We will begin rolling out early March 2026 and expect to complete by mid-March 2026.
• General Availability (GCC, GCCH, DoD): We will begin rolling out early May 2026 and expect to complete by late May 2026.

[How this affects your organization:]

Who is affected:

• Organizations licensed for Microsoft Defender for Office 365 Plan 2
• Organizations licensed for Microsoft 365 E5
• Security admins and SOC teams monitoring alerts in the Microsoft Defender portal
• Users who send or receive Microsoft Teams messages containing URLs

What will happen:

• Two existing MDO alerts will now also trigger for Microsoft Teams URL clicks, in addition to email:
  • A user clicked through to a potentially malicious URL
  • A potentially malicious URL click was detected
• Alerts will appear on the Defender alerts page alongside existing alerts.
• Alerts will include the associated Teams message as evidence, providing richer investigation context.
• Teams signals will be included in incident correlation, helping connect related activity across email and Teams.
• Incident pages will surface Teams message data directly, reducing the need to switch investigation contexts.
• Automated investigation and response (AIR) will not be supported for the Teams URL click alerts.
• The feature is enabled by default for eligible tenants.
• No changes are made to user workflows.

[What you can do to prepare:]

• No action is required. The feature is automatically enabled for eligible tenants.
• Review alert workflows and incident response playbooks.
• Inform SOC and helpdesk teams about Teams-based alerting.

Learn more:

Alert policies in the Microsoft Defender portal | Microsoft Learn (will be updated before rollout)

[Compliance considerations:]

• Forms: Messages with a series of questions of types such as multi-select, single-select, dropdown, single-line input, date picker, and multiline input.
• Suggested replies: Reply buttons.
• Custom JSON: Freeform cards that you create using Microsoft’s adaptive card technology.

• Suggested replies: A card with up to three reply buttons.

• Uploading a CSV file to match contacts or leads in Dataverse.
• Using the API to upload a CSV file and match contacts or leads.

• Specify if the preview dial needs to be started automatically and specify the time allowed for the representative to review the details before the call starts automatically.
• Allow the representative to choose the best number to dial from the contact phone numbers list.

As part of our efforts to simplify our experiences, creating a presentation and adding a slide with Copilot will soon no longer be available via the Sparkle icon above the slide in PowerPoint for Windows, Web, and Mac. Instead, you can access the ability to create a presentation with Agent Mode via the Copilot chat pane in PowerPoint.

Our goal with this change is to converge our experiences into chat to provide a single, consistent Copilot experience when working with presentations on Windows, Web, and Mac.

[When will this happen:]

We are targeting the removal of the Sparkle icon above the slide in PowerPoint and the redirection to Agent Mode to begin rolling out mid-March on Web and complete by end of March. For Windows and Mac, we are targeting to begin rolling out at the end of March and complete by mid-April.

See Microsoft 365 Roadmap | Microsoft 365 for other new capabilities coming in April and beyond.

[How this will affect your organization:]

Once the change has rolled out, users will need to follow these steps to create a presentation with Copilot:

1. Start a new presentation in PowerPoint.
2. Click on the Copilot icon in the lower right-hand corner in PowerPoint to open the Copilot chat pane.

   

3. Click on the Tools button in input box within the Copilot chat pane.

   

4. Click on Agent Mode in the drop down menu.

   

5. Type in a prompt with a description of the presentation you’d like Copilot to help you draft.

Note: Support for referencing files is coming soon.



6. Click the -> button to submit your prompt.

   

7. Copilot may ask you some clarifying questions such as who is the target audience of the presentation, what presentation and image style you’d like, etc. before generating an outline of your presentation. Share your preferences or skip and let Copilot decide.

   

8. Once Copilot has generated your outline, you can continue to chat with Copilot to refine your outline. When you’re ready, you can let Copilot know to generate your slides.
9. After Copilot has generated your presentation, you can continue to chat with Copilot to edit and refine your slides.

   

[What you need to do to prepare:]

You may want to notify your organization about this change and consider updating your training and documentation as appropriate as users will get this change automatically as it progresses through the deployment rings.

You can leverage organization or on-brand templates in Agent Mode by setting up Brand Kits. Alternatively, you can store templates in an organization assets library.

• File upload and API options: Upload files containing customer data to onboard contacts for proactive engagements or use API integration to directly submit proactive engagement requests with attributes.
• Reattempts configuration: Administrators have granular control over retry logic for proactive engagements by setting up the following options:
  • Outcome-based retries
  • Maximum attempts and wait times
  • Number selection and stacking
  • Contact chaining
• Communication preferences: Controls to honor customer communication preferences include:
  • Contactable hours and days
  • Holiday restrictions
  • Consent management

• If you already have bot protection enabled:
  You will not experience any behavioral changes. The feature toggle will no longer appear in Settings, as the feature is now permanently enabled.
• If you currently have bot protection disabled:
  The feature will be activated automatically. The toggle for this feature will no longer appear in Settings. You may also notice a minor decrease in interaction metrics as bot-generated interactions across channels will be filtered out.

• Secure Boot Certificate Updates for Azure Virtual Desktop
• Secure Boot Certificate Updates for Windows 365
• Monitoring Secure Boot certificate status with Microsoft Intune remediations
• Secure Boot status report in Windows Autopatch
• Secure Boot playbook for certificates expiring in 2026
• Secure Boot Certificate updates: Guidance for IT professionals and organizations

• Rules that compare old/new values for anomaly detection.
• Data pipelines that analyze field-level deltas.
• Custom compliance checks running in Purview.