Microsoft Roadmap, messagecenter and blogs updates from 27-03-2026

Updated March 26, 2026: We have updated the timeline. Thank you for your patience.

Coming soon to Microsoft Teams: When users connect to their organization’s Wi-Fi, Teams can automatically set their work location to reflect the building they are working in. This makes it easier for users to coordinate work with their coworkers and connect in person.

This feature is opt-in and requires you to take action to configure it. After you turn it on, end-users remain in control and can choose whether to share their work location with their coworkers.

This message applies to Teams for Windows desktop and Teams for Mac desktop.

This message is associated with Microsoft 365 Roadmap ID 488800.

[When this will happen:]

General Availability (Worldwide): We will begin rolling out early May 2026 (previously early April) and expect to complete by late May 2026 (previously mid-April).

[How this will affect your organization:]

This feature allows you to map Wi-Fi networks and devices to buildings, which allows your users to have their work location automatically updated when they connect. This is a major improvement over the current experience which relies on end-users to manually set their work location. When this feature is configured and enabled, Teams can automatically update the work location of users who connect their laptop to your organization’s Wi-Fi network or peripherals. The feature can leverage the mapping between your building names and your Wi-Fi networks to set the work location of your users to the right building. It can also leverage mappings to specific peripherals, such as monitors. Teams uses the same policy to enable or disable automatic updates of work location for Wi-Fi and peripherals. Learn more: New-CsTeamsWorkLocationDetectionPolicy (MicrosoftTeamsPowerShell) | Microsoft Learn

Teams will not update the location of your users if they connect after their working hours (that they can configure in the Microsoft Outlook Calendar). Also, their work location will be cleared at the end of their working hours.

[What you need to do to prepare:]

Automatic update of work location is off by default, but it can greatly improve the experience of your users. We recommend turning it on and configuring it in your tenant.

Before rollout, we will update this post with new documentation.

Updated March 26, 2026: We have updated the timeline. Thank you for your patience. 

 We’re adding new peripheral health reporting capabilities to the Pro Management portal, enabling admins to proactively monitor device issues in bring your own device (BYOD) rooms and desks.

These reports help identify when peripherals are faulty, missing, moved, or undetectable by a PC—allowing admins to take action before users report problems. Reports for rooms require a Teams Shared Devices license. Desk reporting is currently in public preview.

This change is associated with Microsoft 365 Roadmap ID: 493319

[When this will happen:]

General Availability (Worldwide and GCC): Rollout will begin in early May 2026 (previously early April) and is expected to complete by mid-May 2026 (previously mid-April).

[How this affects your organization:]

Admins can now use peripheral status data to detect hardware issues in BYOD rooms and desks before they impact users. This proactive monitoring can reduce support tickets and improve meeting space reliability.

• Reports for rooms require a Teams Shared Devices license.
• Reports for desks are available in public preview and do not yet require a license.

[What you can do to prepare:]

To ensure accurate peripheral status reporting:

• Use multiple peripherals in each room or desk setup. The system compares expected device pairings (e.g., if Peripheral A and B are usually connected together, but A is missing, it will be flagged).
• Simplify connectivity for users by using a single cable solution to connect all peripherals.
• Ensure rooms and desks are bookable and have associated peripherals—this enables the Teams desktop client to send the necessary telemetry. Peripheral association can be done manually or automatically.

[Compliance considerations:]

• Does the change alter how existing customer data is processed, stored, or accessed? Maybe (device telemetry is used for reporting)

Updated March 26, 2026: We have updated the timeline. Thank you for your patience.

[Introduction]

Agent in Viva Engage communities are now available in Public Preview. Community admins can add agents to communities to help draft answers to questions without best or verified answers based on community content and add context to posts by answering follow up questions using the community’s conversations and SharePoint site and library.

We’re now adding the option for community admins to specify additional SharePoint sites outside the community as grounding sources. The agent will only use sites that community admins select, and it drafts answers from items that community members can view (Read).

We are also adding a new capability: tagging by community members. Tagging by community members enables Microsoft 365 copilot-licensed users to @-mention the community agent in the comments and replies of threads with follow up questions and requests to add context to posts. When tagged, the community agent will reply in the post. Tagging by community members will be enabled by default, but can be disabled by community admins in the agent settings.

[When this will happen:]

• Agents in communities Public Preview: available now
• SharePoint Grounding on Community site and library Public Preview (Worldwide): available now
• Grounding on SharePoint sites and libraries outside the community and tagging by community members Public Preview (worldwide): Rollout begins July 2026 (previously late March) and should be completed by end of July 2026 (previously mid-April).
• General Availability (Worldwide): We will communicate via Message center when we are ready to proceed.

• Who is affected: Viva Engage community admins and members with Microsoft 365 Copilot licenses; Global and Engage admins managing Viva Engage networks
• What will happen:
• During Public Preview:
• Admins can opt their network into the preview via the Engage admin center: Engage admin center > Tenant Settings > Enable Community Agent Public Preview.

Figure i. Add agent to community​

The agent will proactively draft answers to unanswered questions using past conversations.

By default, the agent posts answers automatically.

Admins can configure whether the agent posts answers automatically or only after approval and if tagging by community members is enabled.

Figure ii. Configure the agent’s capabilities and knowledge sources

[Grounding on SharePoint sites outside the community]

• Community admins can add SharePoint sites and libraries outside the community as additional grounding sources (for sites/libraries they administer).
• When an admin adds a site or library, they’ll be prompted to grant the community’s Microsoft 365 group Read access if it doesn’t already have permission.
• The agent only drafts answers using content that all community members can view (Read).
• By default, the agent uses the community’s SharePoint site and library. Any sites outside the community are optional and add to (not replace) the default grounding.

If Require review is enabled, admins and designated experts will be notified when the agent drafts an answer. They can approve, edit, or dismiss the response.

Figure iii. Community admins and experts can review agent suggestions​

If tagging by community members is enabled, then community members can @-mention the agent in messages.

Coming soon (General Availability):

The agent will only use content that all community members can access.

Admins must be owners of the SharePoint sites they wish to configure.

Admins can add additional SharePoint sites to expand the agent’s grounding knowledge.

The agent will be grounded by default on the community’s SharePoint site.

Community members can tag the community agent in community posts.

All Microsoft 365 Copilot licensed users will have access to the Community Agent by default.

The Community Agent Public Preview toggle will be retired.

• If participating in preview:
• Opt your network into the preview via the Engage admin center
• Communicate this change to helpdesk staff. 
• Update internal documentation that references Viva Engage Community Agent behavior or setup.
• No action is required at GA; the feature will be on by default.

Learn more: Set up and manage agents in Viva Engage communities | Microsoft Learn

[Compliance considerations:]

Updated March 25, 2026: We have updated the content with some additional support articles. Thank you for your patience. 

Introduction

We’re introducing support for Microsoft Purview sensitivity labels in OneNote. This update enables users to manually classify and protect OneNote sections using the same compliance standards available across Microsoft 365 apps. Labels can be applied to each OneNote Section, helping ensure sensitive content is encrypted, access-controlled, and aligned with organizational policies. This change supports consistent data protection across platforms and endpoints.

This message is associated with Microsoft 365 Roadmap ID 500020.

When this will happen

General Availability (Worldwide, GCC, GCCH, and DoD): We expect to complete the rollout by late February 2026 (previously late January).

How this affects your organization

This update enhances data protection and compliance capabilities by introducing sensitivity labeling to OneNote sections. Admins will gain greater control over how sensitive information is handled within OneNote, aligning it with other Microsoft 365 apps. This is particularly beneficial for organizations in regulated industries, helping mitigate risk and enforce compliance policies across endpoints.

Who is affected:

All users of supported OneNote clients across platforms, including organizations in regulated industries and those with compliance requirements.

What will happen:

• Sensitivity labels will be available in supported OneNote clients:
  • OneNote Win32 (Desktop)
  • OneNote for Web
  • OneNote for iOS
  • OneNote for Android
  • OneNote for Mac
• OneNote for Windows 10 (UWP) will not support this feature.
• Users will be able to manually apply sensitivity labels directly to OneNote sections.
• Labeled sections will be encrypted and access-controlled based on organizational policies.
• Admins can enforce labeling policies and monitor usage via Microsoft Purview.
• Label policies can be scoped using Entra ID group membership.
• Manual Labeling capability will be supported with this rollout. Other Sensitivity Label capabilities such as auto labeling, mandatory labels, default labeling and user defined permissions (UDP) labels will be rolled out at a future date.

What you can do to prepare

To prepare for this rollout:

• Ensure endpoints are using supported OneNote clients: Win32, Web, iOS, Android, and Mac.
• Transition away from OneNote for Windows 10 (UWP), which will not support sensitivity labels.
• No additional setup is required beyond maintaining updated builds.
• Admins may want to validate readiness and communicate expected changes to users.
• Review and update internal documentation to reflect supported platforms.

Getting Started:

OneNote uses the same sensitivity labels configured for files. However, the labeling capability in OneNote is not enabled by default and must be enabled manually by the IT administrator. For detailed guidance, please refer to ‘Enable sensitivity labels for files in SharePoint and OneDrive’ and to ‘Microsoft Purview sensitivity labels in OneNote’.

Learn more: Learn about sensitivity labels | Microsoft Purview | Microsoft Learn

Compliance considerations

Updated March 26, 2026: We have updated the timeline. Thank you for your patience. 

[Introduction:]

We’re introducing a simpler way to view conversations in Viva Engage communities, organized by recent posts rather than recent activity. This new view is designed to make it easier for users to follow discussions and will be available as an option, alongside the current system, for those who prefer sorting by recent activity and filtering to new conversations only.

This message is associated with Microsoft 365 Roadmap ID 513275.

[When this will happen:]

General Availability (Worldwide): We will begin rolling out in May 2026 (previously February).

[How this will affect your organization:]

This change should align better with how people expect to browse and engage with content in their communities, while still preserving the triage flow for those who prefer it.

Who is affected: All Viva Engage users in your organization.

Current experience:

• Communities default to “new” and “recent activity” if there’s any new content (posts or replies).
• If there’s no new content, the feed falls back to “all.”
• Unread indicators on content only exist in the “new” feed.

New experience:

• The feature will be ON by default.
• Communities will default to “all” and “recent posts”:

 

• Unread indicators will exist in both the “new” and “all” feeds.
• A sticky user preference will be introduced:
  • If someone changes the feed (new/all) or sort order (recent posts/recent activity), we will maintain that setting across their communities.
  • If someone picks “new” and there’s no new content in the next community, we will fall back to “all” for that community visit, but “new” will remain the preference for that user.

[What you can do to prepare:]

No action is required.

[Compliance considerations:]

No compliance considerations identified, review as appropriate

Updated March 25, 2026: We have updated the timeline. Thank you for your patience. 

[Introduction:]

We’re introducing a visual refresh of the Access Request and Access Denied page experience across Microsoft 365, redesigned to help users quickly request access to content such as documents, SharePoint sites, or Teams meeting recordings. This update features modern Fluent illustrations, animations, and clearer messaging to make it easier to understand and resolve access issues for a more seamless collaboration experience.

This message is associated with Roadmap ID 553214.

[When this will happen:]

General Availability (Worldwide, GCC, GCC High, DoD): We will begin rolling out in early May 2026 (previously late March) and expect to complete by end of May 2026 (previously mid-April).

[How this will affect your organization:]

Who is affected: All users requesting access to content stored on OneDrive and SharePoint.

• Users will see a redesigned Access Request page when attempting to access restricted content: 



• The page will feature updated Fluent visuals and animations.
• Messaging will be clearer to help users understand the status of their request:



• No changes to admin policies or access controls.
• The update will be enabled by default.

[What you need to do to prepare:]

No action is required to enable this update; it will be applied automatically.

However, to ensure a smooth experience for your users, we recommend the following:

• Communicate this change to helpdesk and support staff so they can assist users who may have questions about the new visuals or messaging.
• Update internal documentation if you reference the Access Request or Access Denied experience in training materials or support guides.
• Review any custom workflows or access request processes to ensure they align with the updated experience.
• Monitor user feedback after rollout to identify any confusion or support needs related to the new design.

[Compliance considerations:] 

No compliance considerations identified, review as appropriate for your organization.

Updated March 26, 2026: We have updated the timeline. Thank you for your patience. 

[Introduction]

Express voice enrollment in Microsoft Teams makes registering your voice profile quick and seamless. A voice profile enables features such as voice isolation, speaker recognition, identification in meeting rooms, improved transcripts, and enhanced meeting recaps and insights powered by Microsoft 365 Copilot. If you haven’t enrolled, you’ll receive an in-product prompt to opt in and enroll simply by speaking during a meeting. Admins can enable or disable this feature for their organization.

This message is associated with Roadmap ID 537269.

[When this will happen:]

• Targeted Release: Rollout begins mid-May 2026 (previously early April) and is expected to complete by late May 2026 (previously mid-April).
• General Availability: Rollout begins late May (previously mid-April) and is expected to complete by early June 2026 (previously end of April).

[How this will affect your organization:]

Who is affected:

• All enterprise Microsoft Teams customers except Education (EDU) tenants.

What will happen:

• A new voice enrollment experience will be available in Teams.
• Users will receive an in-product prompt to enroll their voice profile by speaking during a meeting.
• The feature will be ON by default for enterprise tenants.
• EDU tenants are excluded from this rollout.
• If your organization previously disabled voice enrollment policies, this feature will not apply.
• Admins can manage this setting using new PowerShell cmdlets under the PassiveVoiceEnroll configuration in the csTeamsAIPolicy policy.

[What you can do to prepare:]

• Review your organization’s Teams AI policy settings before rollout.
• If you want to disable this feature, update the PassiveVoiceEnroll configuration using PowerShell.
• Communicate this change to your helpdesk and end users as needed.
• Update internal documentation to reflect this new capability.

[Compliance considerations:]

No compliance considerations identified; review as appropriate for your organization.

Updated March 26, 2026: We have updated the timeline. Thank you for your patience. 

[Introduction]

We’re introducing Viva Engage communities in Microsoft Teams to make it easier for employees to connect, share, and learn across your organization. This new experience brings discoverable, asynchronous conversations and leadership engagement into Teams—helping employees explore ideas and perspectives beyond project-based collaboration.

This message is associated with Microsoft 365 Roadmap ID 513274.

[When this will happen]

• General Availability (Worldwide): May 2026 (previously April) to end of May 2026 (previously April)

[How this affects your organization]

Who is affected: All Microsoft Teams users with access to Viva Engage.

What will happen:

• This feature is available to all Microsoft Teams customers with a standard Microsoft 365 and Teams license and access to Viva Engage. No additional Teams license is required.
• Communities will appear in Teams navigation:
  • Unified view: New section in the Chat app.
  • Split view: New section in the Chats and Channels app.
• Existing Viva Engage community memberships will sync into Teams.
• Favorited communities in Engage will appear in Teams favorites.
• Notifications for announcements and mentions will surface in Teams Activity feed and deep link to the new experience.
• Rich engagement features include:
  • Posting discussions, questions, praise, polls, and announcements (admins only).
  • Reactions, delegated posting (requires setup in Viva Engage), and scoped search.
  • Event participation: ask questions, upvote, view live or replay.
• Admins can manage community settings, membership, and roles directly in Teams.
• Default setting: ON for all tenants.

[What you can do to prepare]

• No immediate action required unless you want to disable this feature.
• To turn off communities in Teams:
  • Go to Teams admin center > Viva Engage settings > Toggle OFF.
• Ensure prerequisites:
  • Viva Engage IPs and URLs are not blocked.
  • Sign-ins for Viva Engage are enabled in Microsoft Entra ID.
  • Users have Microsoft 365 and Teams licenses.
• Consider sharing best practices and customization options with users.
• Coordinate with Viva Engage admins for internal change communications.

Learn more:  

• Getting started with Viva Engage Communities in Microsoft Teams | Microsoft Support
• Manage Viva Engage experiences in Microsoft Teams | Microsoft Teams | Micosoft Learn

[Compliance considerations]

No compliance considerations identified. Review as appropriate for your organization.

Updated March 25, 2026: We have updated the content and timeline. Thank you for your patience. 

[Introduction]

Outlook is adding new Microsoft 365 Copilot capabilities that let users create and view Inbox rules using natural language. This update helps users stay organized more efficiently by allowing them to ask Copilot to set up new rules or list existing rules directly in chat, without navigating Outlook settings.

A Microsoft 365 Copilot license is required to access this new feature.

Supported platforms: Available via Microsoft 365 Copilot Chat (Work mode). When used within Outlook, it’s supported on Classic and New Outlook for Windows, Outlook on the web, Outlook for Mac, and Outlook mobile (iOS and Android).

[When this will happen]

General Availability (Worldwide): We began rolling out in early April 2026 (previously early February) and expect to complete by mid-May 2026 (previously mid-March).

[How this affects your organization]

Who is affected: Users with Microsoft 365 and Copilot licenses who use Outlook for email management..

What will happen:

• Users can create new Inbox rules through natural language prompts (for example: “Create a rule to move emails from my manager to a Manager folder.”).

  

• Users can ask Copilot to show their existing Inbox rules, including rule names, conditions, actions, and status.
• Rules created with Copilot operate the same as rules created through Outlook settings:
  • Rules apply only to future incoming messages.
  • Existing messages are not automatically moved or modified.
  • All rules are visible and manageable through Outlook’s native Rules settings.
• The feature is on by default for eligible users and respects all existing Outlook and Exchange policies.

[What you can do to prepare]

• Ensure users have the appropriate Microsoft 365 and Copilot licenses.
• Communicate this update to helpdesk and support teams.
• Update internal documentation if you detail email management features.
• No additional configuration is required for rollout.
• Review the following support article: Create and view Outlook rules with Microsoft 365 Copilot

[Compliance considerations]

No compliance considerations identified. Review as appropriate for your organization.

Updated March 26, 2026: We have updated the content. Thank you for your patience. 

[Introduction]

As part of our ongoing mission to deliver a modern, secure, and scalable one-stop management portal for admins, we are transitioning Teams Android device management from the Teams admin center (TAC) to the Teams Rooms Pro Management portal (PMP).

This move consolidates management of all Teams devices, including Teams Rooms on Windows, Teams Rooms on Android, Teams phones, and Teams panels, into a single unified portal, providing IT admins a consistent and seamless experience for managing devices at scale.

[When this will happen:]

• Public Preview: We will begin rollout in early April 2026 and expect to complete by mid-April 2026. 
• General Availability (Worldwide, GCC): We will begin rollout in early June 2026 and expect to complete by mid-June 2026.
• General Availability (GCC High): We will begin rollout in early August 2026 and expect to complete by mid-August 2026.
• General Availability (DoD): We will begin rollout in early September 2026 and expect to complete by mid-September 2026.

[How this affects your organization:]

Who is affected:

Admins who manage Teams Rooms on Android, Teams phones, and Teams panels.

What will happen:

• Starting June 2026, Android device management capabilities, including inventory, updates, health monitoring, and settings will transition from TAC to PMP for the device types, Teams Rooms on Android, Teams phones, Teams panels
• The following capabilities will be available and enhanced in PMP:
• Device inventories for Android-based Teams Rooms, phones, and panels, including metadata and app information
• Remote device actions (restart, log collection, sign-in/out, provisioning, and more)
• Update management
• Device settings management
• Device health monitoring
• SIP device management
• PMP will become the primary portal for all Teams device management. By July 2026, overlapping TAC capabilities (updates, settings, restart, sign-in/out, log collection, provisioning) will begin redirecting to PMP.
• This article serves as the main information source for this transition. We’ll continue updating it with timelines, milestones, migration guidance, and readiness steps as the rollout progresses.

[What you need to do to prepare:]

• No action is required until Android device management reaches General Availability.
• When Android device management reaches General Availability:
• Your existing Android-based Teams devices will automatically appear in PMP.
• Teams Rooms on Android and Teams panels are already visible in PMP.
• If your organization hasn’t used PMP before:
• Admins with Global, Teams, or Teams Device Administrator roles can access PMP at https://portal.rooms.microsoft.com.
• Ensure required URLs are allowlisted per guidance: Enrolling a device into the Pro Management Portal | Microsoft Learn.
• Learn more about Pro Management portal features with these Teams Rooms Pro Management short YouTube videos.
• Update internal helpdesk and IT documentation to reference PMP as the new management portal.
• Additional migration guidance, timelines, and FAQs will be published closer to the transition date.

[Compliance considerations]

No compliance considerations identified, review as appropriate for your organization.

Updated March 26, 2026: We have updated the timeline. Thank you for your patience. 

[Introduction]

As part of our ongoing protection investments in Microsoft Teams, we will continue expanding the ways users can report suspicious or incorrect activity. Users can already report security concerns and incorrect detections in chats and channels (MC1037768, MC1147984), and more recently in calls (MC1223828). These user‑submitted reports help identify potential malicious activity and strengthen your organization’s security posture.

Building on this foundation, we will introduce new capabilities that allow Teams administrators to review and export user‑reported security submissions directly in the Teams admin center. A new Protection reports section will be added under Analytics and reports, giving admins unified visibility into user‑reported calls, chats, and channels.

This message relates to Microsoft 365 Roadmap ID 536571.

[When this will happen]

Phase 1 – User‑reported call data

• Targeted Release: Rollout will begin in mid-April 2026 (previously mid‑March) and complete in late April 2026 (previously late March).
• General Availability (Worldwide): Rollout will begin in late April 2026 (previously mid‑April) and complete in early May 2026 (previously late April).

Phase 2 – User‑reported chats and channels

• This phase will add message‑level reporting for security concerns and incorrect detections.
• The timeline will be communicated in a future update to this Message center post.

[How this affects your organization]

Who is affected: Teams administrators who have access to Analytics and reports in the Teams admin center.

What will happen:

• A new Protection reports section will appear under Teams admin center > Analytics & reports:

  

• Admins will be able to view and export data about user‑submitted security reports for calls (Phase 1) and later chats and channels (Phase 2).
• Reported interactions will begin populating once users submit reports.
• Admins will be able to review reported calls or messages and take appropriate action.
• Admins will be able to view 1‑day, 7‑day, and 30‑day reporting windows.
• This feature will require that user reporting settings be enabled in the Teams admin center.

[What you can do to prepare]

To ensure reporting data is available when rollout begins, verify that end‑user reporting features are enabled:

• Enable Report a call: Teams admin center > Calling settings
• Enable Report a security concern and Report incorrect detection: Teams admin center > Messaging settings
• Once enabled and users begin submitting reports, access data at: Teams admin center > Analytics & reports > Protection reports > User‑reported security submission
• Update internal documentation if your helpdesk relies on reporting workflows.
• If you maintain training or onboarding materials about Teams security practices, consider adding guidance on how users can report suspicious interactions.

[Compliance considerations]

Updated March 25, 2026: We have updated the timeline. Thank you for your patience. 

[Introduction]

We’re expanding Microsoft Purview Data Loss Prevention (DLP) controls to provide broader governance for Microsoft 365 Copilot. With this update, DLP policies that prevent Copilot from processing content based on sensitivity labels will now apply to Word, Excel, and PowerPoint files regardless of where they are stored. This enhancement responds to customer feedback requesting more consistent protection coverage across local and cloud-based file locations.

This feature is associated with Microsoft 365 Roadmap ID 557255.

[When this will happen]

• General Availability (Worldwide and GCC): Rollout will begin in April 2026 (previously late March) and is expected to complete by May 2026 (previously late April).

[How this affects your organization]

Who is affected

• Organizations using Microsoft Purview DLP to restrict Copilot processing of sensitivity-labeled content
• Admins who manage Purview DLP policies
• Users working with Microsoft 365 Copilot in Word, Excel, or PowerPoint

What will happen

• DLP policies that restrict Copilot from processing sensitivity‑labeled files will apply to Word, Excel, and PowerPoint files in all storage locations, including:
  • SharePoint
  • OneDrive for Business
  • Local device storage
  • Other storage locations accessible to Office apps
• When a DLP policy blocks Copilot processing, Copilot will not process the file’s content in Word, Excel, or PowerPoint.
• Existing DLP policies will continue to function normally; no policy migration or reconfiguration is required.
• The feature will be on by default for tenants with relevant DLP rules configured.
• Users will see consistent DLP enforcement when invoking Copilot in supported Microsoft 365 apps.

Implementation detail:

This update does not modify Copilot capabilities. Instead, Office clients and AugLoop have been enhanced so AugLoop can read a file’s sensitivity label directly from the client. Today, AugLoop retrieves the label by calling Microsoft Graph using the file’s SharePoint or OneDrive URL, which limits DLP enforcement to files stored in OneDrive and SharePoint. By enabling the client to provide the label, DLP enforcement now applies uniformly across all storage locations, including local files.

[What you can do to prepare]

No action is required to enable this feature.

If your organization uses DLP controls for Copilot, you may optionally:

• Review existing DLP policies that include sensitivity-label-based restrictions
• Update internal documentation or helpdesk guidance if needed
• Communicate this enhancement to relevant security or compliance teams

Learn about managing DLP policies: Learn about data loss prevention | Microsoft Purview | Microsoft Learn

[Compliance considerations]

No compliance considerations identified. Review as appropriate for your organization.

Updated March 26, 2026: We have updated the timeline. Thank you for your patience. 

[Introduction]

We’re introducing ad-hoc room reservation directly from the Microsoft Teams Rooms on Windows console. This update enables users to reserve an available room on the spot without relying on a personal device or hallway panel, supporting quick, spontaneous meetings and helping reduce scheduling conflicts. This feature requires a Teams Rooms Pro license. 

This message is associated with Microsoft 365 Roadmap ID 548648.

[When this will happen]

• General Availability (Worldwide, GCC): We will begin rolling out in late May 2026 (previously late April) and expect to complete by early June 2026 (previously late April).
• General Availability (GCC High): We will begin rolling out late in early June 2026 (previously April) and expect to complete by late June 2026 (previously early May).
• General Availability (DoD): We will begin rolling out in late June 2026 (previously late April) and expect to complete by mid-July 2026 (previously mid-May).

[How this will affect your organization]

Who is affected

• Users and admins of Teams Rooms on Windows with Teams Rooms Pro licenses.

What will happen

• After this feature becomes available on room devices, users can reserve an available room directly from the Teams Rooms calendar by choosing Reserve and selecting an end time: 

  

• End times appear in 15-minute increments for up to the end of the day or until the next scheduled meeting, whichever comes sooner:

   

• The feature is enabled by default.
• Admin controls will be available on the Teams Rooms Pro Management portal: Rooms > Settings > Meetings > Allow ad-hoc room reservation.

[What you can do to prepare]

• No action is required before rollout.
• Notify users of the new reservation workflow.
• Update internal training or documentation.
• Use Teams Rooms Pro Management portal or device settings if you want to restrict ad-hoc reservations.

[Compliance considerations]

No compliance considerations identified. Review as appropriate for your organization.

[Introduction]

Microsoft Purview Endpoint Data Loss Prevention (DLP) now supports hyperlinks in warn and block toast messages in Microsoft Edge. A toast message is a small, temporary notification shown to users to provide immediate feedback or guidance. With this update, data officers can include clickable links in these notifications to direct users to internal policies, training resources, or support guidance when a DLP rule is triggered.

This change is associated with Microsoft 365 Roadmap ID 558688.

[When this will happen:]

• General Availability (Worldwide): Rollout begins in early April 2026 and is expected to complete by mid-April 2026.

[How this affects your organization:]

Who is affected:

• Organizations using Microsoft Purview Endpoint DLP
• Users on Windows devices using Microsoft Edge
• Admins and data officers who configure Endpoint DLP policies

What will happen:

• Admins can include clickable hyperlinks in warn and block toast messages shown in Edge when an Endpoint DLP rule is triggered.
• Users will see a customized toast message that can link directly to:
  • Internal policy documentation
  • Training or awareness resources
  • Support or escalation guidance (for example, a SharePoint site)
• Existing Endpoint DLP policies and enforcement behavior are unchanged.
• The feature is available once required client and browser versions are installed.

[What you can do to prepare:]

• Deploy Microsoft Defender anti-malware client version 4.18.26020 or later.
• Deploy Microsoft Edge version 146 or later.
• Review and update Endpoint DLP notification text as needed.
• Inform helpdesk and security teams of the updated user experience.

Screenshot: Example of configuring a hyperlink in an Endpoint DLP warn or block notification in the Microsoft Purview portal

[Compliance considerations:]

[Introduction]

OneDrive and SharePoint now support viewing and editing Markdown (.md) files directly in the browser. No downloads or third-party tools are needed. Open any Markdown file to see a clean, formatted view, or switch to the built-in editor with a toolbar, side-by-side preview, and syntax support. Whether you’re working with documentation, README files, Markdown files generated by your AI assistant, or notes, OneDrive makes it easy to read and update Markdown content right where your files live.

[When this will happen:]

• General Availability (Worldwide): Rollout begins mid-April 2026 and is expected to complete by late May 2026.

[How this affects your organization:]

Who is affected:

• All users accessing Markdown (.md) files stored in OneDrive and SharePoint

What will happen:

• Markdown files open directly in the browser with a side-by-side experience
• Raw Markdown editor is found on the left and rendered preview on the right, updating in real time



• Rich previews render tables, images, code blocks, and links using Fluent 2 typography
• A built-in formatting toolbar simplifies editing
• Markdown files can be created, edited, and organized alongside other Microsoft 365 files
• The feature is enabled by default and respects existing access controls

[What you can do to prepare:]

• No admin action is required
• Consider updating training or documentation as appropriate
• Inform helpdesk teams about the new in-browser experience

Before rollout, we will update this post with new documentation.

[Compliance considerations:]

No compliance considerations identified, review as appropriate for your organization.

[Introduction]

We’re improving how Outlook respects the x‑ms‑reactions: disallow header in Classic Outlook for Windows. This update ensures that when reactions are disallowed, the Reactions button is correctly disabled and any failed reaction attempts are fully reverted. This provides a more consistent and trustworthy user experience across Outlook clients and prevents user confusion.

This message is associated with Roadmap ID 558442.

[When this will happen:]

• Public Preview (Worldwide): We will begin rolling out early May 2026 and expect to complete by late May 2026.
• General Availability (Worldwide, GCC, GCC High, DoD): We will begin rolling out early June 2026 and expect to complete by late June 2026.

[How this affects your organization:]

Who is affected:

• Users running Classic Outlook for Windows
• Organizations that disallow email reactions using the x‑ms‑reactions: disallow header

What will happen:

• The Reactions button will appear grayed out when reactions are disallowed.



• Failed reaction attempts will be automatically undone in the UI.
• Users will no longer see misleading reaction states.
• Behavior will be consistent across all Outlook clients.
• The change is enabled by default and respects existing configurations.

[What you can do to prepare:]

No action is required.

You may optionally:

• Inform helpdesk staff about the improved reaction behavior to reduce potential user questions.
• Review internal documentation if you reference reaction controls or messaging headers.
• Continue using the x‑ms‑reactions: disallow header as you do today; existing configurations are fully supported.

Learn more: Disallow reactions in Outlook | Microsoft Learn

[Compliance considerations:]

No compliance considerations identified, review as appropriate for your organization.

[Introduction]

To improve reliability for large-scale live events, Microsoft Teams town halls will soon support a backup Real-Time Messaging Protocol (RTMP) stream. RTMP is a standard live‑streaming protocol used by event organizers to send live video and audio to a streaming service, such as Microsoft Teams. This enhancement helps ensure uninterrupted broadcasts by automatically failing over to a secondary RTMP stream if the primary stream experiences an interruption. This change increases resiliency for high-visibility events without adding complexity for organizers.

This message applies to Teams for Windows desktop, Teams for Mac desktop, and Teams for the web. It is associated with Roadmap ID 554932.

[When this will happen:]

General Availability (Worldwide, GCC): Rollout begins late April 2026 and completes by late April 2026

[How this affects your organization:]

Who is affected:

• Organizers and producers hosting Microsoft Teams town halls using RTMP-based production workflows

What will happen:

• Organizers can configure a backup RTMP stream during event setup using Teams Meeting options in Production tools.
• If the primary RTMP stream fails, Teams will automatically fail over to the backup stream with no manual intervention.
• There’s no change to the attendee experience.
• The feature is available by default; no admin configuration is required.

[What you can do to prepare:]

• No action is required.
• Optionally, update internal event-production documentation and notify event producers of this new resiliency option.

Learn more: Use RTMP-In in Microsoft Teams | Microsoft Support (will be updated before rollout)

[Compliance considerations:]

No compliance considerations identified, review as appropriate for your organization.

Introduction

Microsoft Security Copilot agents are built into the flow of work of security teams using Microsoft Defender, Microsoft Entra, Microsoft Intune and Microsoft Purview. At Ignite 2025, Microsoft introduced a dozen new agents across these products, bringing agentic defense across workflows to enable autonomous and proactive protection.

To make it easier for teams to get started, Microsoft announced that Security Copilot will be included with Microsoft 365 E5. Eligible tenants will automatically transition to the new entitlement—no action required. 

When this will happen

As part of your existing Microsoft 365 E5 entitlement, you’ll gain access to Security Copilot features and agents through a phased rollout between April 20, 2026, and June 30, 2026. You’ll receive a notification 7 days before your tenant is enabled, and again on the enablement date. 

How this affects your organization 

Your organization will have access to Security Copilot with: 

• 400 Security Compute Units (SCUs) per month per 1,000 user licenses, included with Microsoft 365 E5 (up to 10,000 SCUs/month) 
• Core agentic experiences across Microsoft Entra, Intune, Purview, Defender, and the Security Copilot portal
• Developer tools and APIs for custom agents and integrations 

• Sentinel data lake compute or storage costs 
• Non-agentic Data Security Investigations experience in Microsoft Purview 
• Charges for Azure Logic Apps for usage with Security Copilot 
• Third-party agent licensing paid via Security Store 

We recommend:

• Signing up for the Security Copilot skilling series.
• Reviewing new agentic scenarios and developer capabilities in the Security Copilot Adoption Hub.
• Reviewing the documentation for details on what’s included.  
• Requesting assistance from a Microsoft 365 FastTrack specialist to unlock the full value of Security Copilot

• Comprehensive recovery: Restore deleted records regardless of deletion type, including manual, automated, single, multiple, or bulk.
• Flexible access: Restore data through both the Dataverse user interface and APIs/SDK.
• Configurable retention: Define how long deleted records remain available for recovery
• Admin-controlled enablement: Administrators must enable the feature at the environment level to take advantage of recovery capabilities.

• Restore deleted records within a specified timeframe
• Safeguard, Restore, and Manage Deleted Records in Microsoft Dataverse – Microsoft Power Platform Blog

• Analyze a sample of all sessions.
• Automatic availability for customers with at least 10 sessions with questions that have triggered generative answers in the past 7 days.
• Sentiment is calculated for each user message in the sampled sessions and then all messages are aggregated for a single sentiment score for the session.
• Each session is classified as positive, negative, or neutral, based on all user messages within that session.
• The sentiment score is calculated and refreshed once a day.

• Narrator now provides rich image descriptions on Copilot+ PCs and works with Copilot on all Windows 11 devices, allowing users to get instant on‑device descriptions or ask Copilot for more detail.
• This update improves the design of the dialog boxes in Settings > Accounts > Other users to match the modern Windows look and support dark mode. The visibility of the dialog box option depends on whether the device has a domain joined work or school account.
• This update improves the File Explorer experience, including more reliable unblocking of downloaded files and support for Voice Typing when renaming files.
• This update delivers several display improvements, including support for refresh rates above 1000 Hz, improved auto‑rotation and HDR reliability, and better power efficiency for USB4‑connected monitors during sleep.

• Windows 11, version 26H1: KB5079489
• Windows 11, versions 25H2 and 24H2: KB5079391

• Updates and announcements – This page consolidates ongoing updates, milestones, and rollout status changes for the deployment of new Secure Boot certificates across Windows devices. Use it to stay current on important servicing communications as the deployment progresses.
• Sample Secure Boot E2E Automation Guide – This guide provides an end-to-end view of the PowerShell‑based automation system for deploying Secure Boot certificate updates using Group Policy to domain-joined machines in a controlled, graduated manner. It includes details, examples, and operational guidance for domain‑joined environments.
• A Closer Look at the High Confidence Database – This article explains how Secure Boot confidence levels are calculated, how data is evaluated and published, and how Windows servicing uses this information to determine certificate deployment readiness. It’s designed for IT pros, security teams, and support engineers who need deeper insights into certificate evaluation.

• Updates and announcements
• Sample Secure Boot E2E Automation Guide
• A Closer Look at the High Confidence Database

Updated March 16, 2026: We have updated the timeline. Thank you for your patience.

Admins will be able to ensure that new Loop workspaces are connected to and managed by an existing Microsoft 365 Group, similar to SharePoint Team sites.

This message is associated with Microsoft 365 Roadmap ID 422725

[When this will happen:]

General Availability (Worldwide): We will begin rolling out early April 2026 (previously early March) and expect to complete by late April 2026 (previously late March). 

[How this will affect your organization:]

Once Microsoft 365 Roadmap ID 422725 is available, end-users will have the ability to choose existing Microsoft 365 Groups for managing new Loop workspaces. This means that new Loop workspaces can optionally be connected to and managed by an existing Microsoft 365 Group, similar to how SharePoint Team sites are managed.

Additionally, Microsoft 365 Roadmap ID 422725 covers the capability to ensure that new Loop workspaces are connected to and managed by an existing Microsoft 365 Group, similar to SharePoint Team sites (it will not be an option for users to skip selecting an existing Microsoft 365 group if this policy is configured).

While this setting may align with existing governance processes, it’s important for admins to note that scenarios like automatic aggregation of Teams meeting content into a Loop workspace, or the creation of small, short-term project workspaces, will be more challenging for end-users unless they can skillfully select an existing M365 group during creation. Please consider this tradeoff in your adoption strategy.

If your organization has governance tools for SharePoint Communication sites that work effectively in a reactive manner (i.e., governance is applied after the site is created), Microsoft recommends extending this process to include Loop workspaces rather than using this policy.

[What you need to do to prepare:]

There is nothing you need to do to prepare. This capability will roll to your tenant automatically.

Updated March 26, 2026: We have updated the timeline below. Thank you for your patience.

Your organization can already apply Microsoft Purview Data Loss Prevention (DLP) policies to Microsoft Fabric, but soon you will also be able to restrict access to Fabric sematic models and lakehouses by applying DLP policies. After this rollout, admins will be able to configure DLP policies that automatically detect sensitive information in sematic models and lakehouses and then restrict access to this data to internal users or data owners

This message is associated with Microsoft 365 Roadmap ID 422501.

[When this will happen:]

Public Preview: DLP restrict access for sematic models is already available in Public Preview as of November 2024. For Fabric lakehouse, public preview of restrict access will begin rollout mid-April 2025 and is expected to complete by late April 2025. 

General Availability: We will begin rolling out late October 2026 (previously June) and expect to complete by late November 2026 (previously end of June).

[How this will affect your organization:]

Before this rollout, you can configure DLP policies for Fabric workspaces to audit and notify users through Policy Tips based on sensitive content.

After this rollout, DLP policies can also be configured to block or restrict access to internal users or data owners. This action is especially valuable when your organization has guest users, and you want to enforce proper restrictions to ensure these users do not accidentally access sensitive information.

This change is available by default for admins to configure.

Configuring the Restrict access action in DLP policy for Fabric:

[What you need to do to prepare:]

This rollout will happen automatically by the specified date with no admin action required before the rollout. If your organization does not wish to start using the Restrict access action for Fabric, no additional action is required. If you would like to start restricting access to internal users or data owners, your security or compliance admin will need to update or create new DLP policies for Fabric to include the new Restrict access action.

Review your current configuration to determine the impact for your organization. You may want to notify your users about this change and update any relevant documentation.

Learn more

• Data loss prevention policies in Microsoft Fabric – Microsoft Fabric | Microsoft Learn
• New Capabilities for Microsoft Purview DLP