Microsoft Roadmap, messagecenter and blogs updates from 14-05-2026

Updated May 13, 2026: We have updated the timeline. Thank you for your patience.

Microsoft Teams Events invite emails will be separated based on the role of the participant. Event organizers will get an email explaining the specific roles of participants in the event. Similarly, each presenter will get a separate calendar invite, allowing the organizers of town halls to maintain separate invites for attendees. 

This message is associated with Microsoft 365 Roadmap ID 476488.

[When this will happen:]

Targeted Release: We will begin rolling out mid-June 2026 (previously early July) and expect to complete by late June 2026 (previously mid-July).

General Availability (Worldwide): We will begin rolling out late June (previously mid-July) and expect to complete by late July 2026 (previously early May).

General Availability (GCC, GCC High): We will begin rolling out late July 2026 (previously late April) and expect to complete by late August 2026 (previously late May).

[How this will affect your organization:]

This feature update allows the organizers of town halls to maintain separate invites for attendees.

[What you need to do to prepare:]

This rollout will happen automatically with no admin action required. You may want to notify your users about this change and update any relevant documentation as appropriate.

Updated May 13, 2026: We have updated the content. Thank you for your patience.

Applies to: Teams for Windows desktop and Teams for Mac desktop 

[Introduction:]

All meeting participants joining from native apps on Windows and macOS will be able to request to start collaborative annotations when a screen or window is being shared. The annotations start only after the active sharer approves the request. This capability is available exclusively in the new Microsoft Teams experience on native Windows and macOS apps.

This release also introduces a meeting option in the Participation section, allowing organizers and co-organizers to choose who can start annotations. By default, “Everyone” can access the “Start Annotation” button, but organizers and co-organizers can limit it to just the “Active Sharer”, making the button visible only to the person currently sharing their screen or window.

Note: Users can view and annotate in Teams on the web but cannot initiate annotations. Anonymous users in the meeting will not be able to send a request.

This message is associated with Microsoft 365 Roadmap ID 89975.

[When this will happen:]

Targeted Release: We will begin rolling out early May 2026 (previously mid-April) and expect to complete by mid-May 2026 (previously late April).

General Availability (WW, GCC, GCC High, and DoD): We will begin rolling out mid-May 2026 (previously late March) and expect to complete by late May 2026 (previously late April).

[How this will affect your organization:]

After the rollout, meeting participants who are not sharing their screens will have the ability to request an annotation session. This request will be sent to the presenter sharing their screen, who can choose to accept or deny it.

Meeting Organizer Settings (Meeting Options)

A new “Who can start annotations?” option appears under the Participation section in Meeting Options. Organizers and co-organizers can select:

• Everyone (default) — All participants see the “Start Annotation” button
• Active Sharer — Only the person currently sharing sees the annotation button

After rollout, the default value of Everyone will apply to all meetings. Organizers and co-organizers can manually update this option to Active Sharer in case they want to opt out of this feature. 

Participant Annotation Request Flow 

When a participant who is not the active sharer wants to annotate, they click the “Start annotation” button in the meeting toolbar. A confirmation dialog appears, and once the participant clicks “Request”, a notification is sent to the presenter for approval.

1. Click the “Start annotation” button in the meeting toolbar to initiate an annotation request.



2. Confirm the request in the dialog box. Once approved, annotations start request will be sent to active sharer



3. Request sent notification confirms the request is pending and the presenter needs to approve it. 

Presenter Approval Experience

The active sharer (presenter) receives a notification at the top of their screen indicating that a viewer wants to start annotations. The presenter can choose to Deny or Allow the request.

[What you need to do to prepare:]

This rollout will happen automatically by the specified dates with no admin action required before the rollout. You may want to:

• Notify your users about this change and how the annotation request/approval flow works 
• Update relevant documentation to reflect the new meeting option and participant behavior 
• Educate meeting organizers on the new “Who can start annotations?” meeting option under Participation 
• Communicate to end users that they can now request to start annotations during screen sharing sessions 

This change will be available by default. 

Additional Resources: 

• Use annotation while sharing your screen in Microsoft Teams – Microsoft Support (will be updated before rollout)
• How to use Collaborative Annotations in a Microsoft Teams meeting (2022)
• Microsoft 365 Roadmap ID 89975

Updated May 13, 2026: We have initiated the deprecation rollout and expect to reach 100% production coverage in the next few weeks. We strongly recommend that customers transition to modern authentication at the earliest opportunity. Thank you for your patience.  

[Introduction:]

As part of the Microsoft Secure Future Initiative (SFI) and in alignment with the “Secure by Default” principle, we’re retiring the legacy IDCRL (Identity Client Run Time Library) authentication protocol in SharePoint Online and OneDrive for Business. This change helps strengthen your organization’s security posture by enforcing modern authentication standards—OpenID Connect and OAuth—which reduce exposure to outdated and vulnerable authentication methods.

[When this will happen:]

• Starting February 16, 2026: Legacy client authentication will be blocked by default. Organizations may temporarily re-enable it using PowerShell until April 30, 2026.
• Starting May 1, 2026: Legacy client authentication will be permanently blocked and cannot be re-enabled.

[How this affects your organization:]

Who is affected:

• Organizations using clients, scripts, or applications that rely on the legacy IDCRL authentication protocol to access SharePoint Online or OneDrive for Business.

• Legacy authentication calls using IDCRL will be blocked by default starting February 16, 2026.
• Temporary re-enablement is possible via PowerShell until April 30, 2026.
• After May 1, 2026, IDCRL authentication will be permanently retired and cannot be re-enabled.
• Applications using IDCRL will fail to authenticate unless updated to use modern protocols.

[What you can do to prepare:]

We recommend migrating from legacy authentication protocols to modern authentication as soon as possible. 

To prepare for this retirement:

• Migrate all clients, scripts, and applications to use OpenID Connect or OAuth protocols. 
• Review current configurations for IDCRL authentication.
• Notify IT admins, app owners, and security teams about the upcoming retirement.
• Update internal documentation to reflect the new authentication defaults.
• Use telemetry to identify usage of legacy authentication protocols and monitor migration progress.
• Use PowerShell to manage legacy authentication settings if needed:
  • Set AllowLegacyAuthProtocolsEnabledSetting and LegacyAuthProtocolsEnabled to TRUE to temporarily allow legacy authentication until April 30, 2026.
• Learn more:
  • Migrating from IDCRL authentication to modern authentication in SharePoint | Microsoft 365 Developer Blog | Microsoft Dev Blogs
  • Set-SPOTenant (Microsoft.Online.SharePoint.PowerShell) | Microsoft Learn

[Compliance considerations:]

No compliance considerations identified, review as appropriate for your organization.

Updated March 27, 2026: We have updated the timeline. Thank you for your patience. 

[Introduction]

To help admins detect unusual or potentially risky interactions with external organizations, Microsoft Teams is introducing the External domains anomalies report. This report analyzes cross-tenant communication patterns for your tenant and highlights sudden spikes or abnormal engagement activity. These insights support proactive investigation and help protect your organization while enabling secure external collaboration.

This message is associated with Microsoft 365 Roadmap ID 536572.

[When this will happen]

• General Availability (Worldwide): Rolling out in mid-May 2026 (previously early April) and expected to complete by late May 2026 (previously mid-April).

[How this affects your organization]

Who is affected:

• Teams administrators can view this report for their Microsoft 365 tenant if their organization collaborates with external organizations.

What will happen:

• A new External domains anomalies report will be available in the Microsoft Teams admin center under Protection reports.
• Admins can select Communication anomalies, choose a date range, and run the report to view results:
• Insights include external domains with unusual communication activity:
  • External domain name
  • Total anomalies detected
  • New 1:1 threads created by that domain
  • New group threads created by that domain
• A Block option is available directly in the report for managing external domains:

[What you can do to prepare]

No action is required to access the report.

To receive proactive alerts:

• Enable External domains anomalies alerts in the Teams admin center:
  • Go to Notifications & alerts > Rules.
  • Select External domains anomalies.
  • Set status to Active.
• Specify a Teams channel for notifications if desired.



• Daily alerts will summarize the top five domains with unusual activity.

[Compliance considerations]

No compliance considerations identified. Review as appropriate for your organization.

Updated May 13, 2026: We have updated the timeline. Thank you for your patience. 

[Introduction]

We’re introducing a new Follow option for meetings in Outlook Mobile.  This feature helps users stay informed when they cannot attend by prompting organizers to record the meeting and by ensuring followers receive key updates and follow‑up items.

[When this will happen]

General Availability (Worldwide): Rollout will begin in mid-June 2026 (previously mid-May) and is expected to complete by mid-July 2026 (previously end of May).

[How this affects your organization]

Who is affected

• All users who schedule or respond to meetings in Outlook Mobile. Attendees will only see the option to respond with Follow if a meeting has two or more participants and when the organizer has requested responses.

What will happen

• A new Follow option will appear as the third option in the mobile RSVP menu. To select “Maybe,” tap the three dots … : 

  

• The Maybe RSVP option will move into the overflow menu:  

  

• The No response option will move to the second position in the RSVP list.
• The feature will be on by default for all tenants.
• Organizers may receive prompts to record the meeting or address follow‑up items when attendees choose to Follow.
• No changes to existing Outlook or Exchange Online admin policies.

[What you can do to prepare]

No admin action is required.

Optional steps:

• Notify helpdesk and support teams about the updated RSVP options and UI behavior.
• Update internal end‑user documentation if your organization provides guidance for meeting responses.

Learn more: Follow a meeting in Outlook | Microsoft Support

[Compliance considerations]

No compliance considerations identified. Review as appropriate for your organization.

[Introduction]

We’re expanding Microsoft Purview Data Loss Prevention (DLP) controls for Microsoft 365 Copilot and Copilot Chat to help organizations reduce the risk of untrusted or externally sourced content influencing AI‑generated responses. This new capability allows admins to exclude emails from external senders from being used as grounding data during Copilot prompt processing. When enabled, Copilot continues to generate responses using trusted internal Microsoft 365 data sources, subject to existing licensing and policy controls.

This message is associated with Microsoft 365 Roadmap ID 561552.

[When this will happen]

• Public preview: We will begin rolling out in early June 2026 and expect to complete by late June 2026.
• General availability (Worldwide): We will begin rolling out in late July 2026 and expect to complete by late August 2026.

[How this affects your organization]

Who is affected

• Organizations using Microsoft 365 Copilot (Premium) or Copilot Chat
• Admins managing AI governance, security, and data protection using Microsoft Purview

What will happen

• A new DLP policy control will be available for Microsoft 365 Copilot and Copilot Chat.
• When enabled by an admin:
• Emails sent from external or untrusted domains are excluded from being:
  • Referenced
  • Summarized
  • Used as grounding data by Copilot
• Copilot continues to generate responses using trusted internal Microsoft 365 data sources (for example, SharePoint, OneDrive, and internal Exchange content), subject to existing licensing and policy.

This change does not:

• Affect email delivery, retention, eDiscovery, or user access
• Change existing Copilot interaction behavior unless the policy is explicitly configured

Default state:

• Off by default.
• There is no change unless an admin enables this control in Microsoft Purview.

Screenshot 1. Select Microsoft 365 Copilot and Copilot Chat as the DLP policy location: 

Screenshot 2. New DLP setting to restrict processing of external email content: 

[What you can do to prepare]

No action is required if you do not plan to use this capability.

If you want to enable the feature:

• Create or update a DLP policy for Microsoft 365 Copilot in the Microsoft Purview portal.
• Review existing DLP configurations to understand potential Copilot impact.
• Ensure your admin account has the required DLP and Purview roles.
• Inform IT, security, and helpdesk teams about the new control.
• Update internal documentation related to AI governance and Copilot usage.

Learn more:

• Learn about data loss prevention | Microsoft Purview | Microsoft Learn
• Learn about using Microsoft Purview Data Loss Prevention to protect interactions with Microsoft 365 Copilot and Copilot Chat | Microsoft Purview | Microsoft Learn
• Permissions – Create and deploy data loss prevention policies | Microsoft Purview | Microsoft Learn

[Compliance considerations]

[Introduction]

We are introducing new bulk agent lifecycle management capabilities in the Microsoft 365 admin center for Microsoft 365 Copilot. These updates enable bulk execution of key lifecycle actions, helping admins manage agents at scale by reducing manual, per‑agent tasks and improving governance consistency across their organization. Bulk lifecycle actions are now available for on‑demand execution, with rule‑based automation planned for a future update.

This message is associated with Microsoft 365 Roadmap ID 481518.

[When this will happen]

General Availability (Worldwide): Available now.

[How this will affect your organization]

Who is affected

• Microsoft 365 administrators managing Copilot agents in commercial tenants.

What will happen

• Admins can perform bulk lifecycle actions for Copilot agents in the Microsoft 365 admin center.
• Admins can bulk install Microsoft‑built (first‑party) agents across users to accelerate adoption. 

  

• Admins can bulk reassign ownerless agents to managers to ensure proper ownership and governance: 

  

• These actions are on‑demand and help reduce manual, per‑agent management.
• Existing admin permissions and governance controls are respected.
• There is no direct impact to user workflows unless admins choose to take action.

Note: While this feature was initially positioned as automation of agent lifecycle management, the current release supports on‑demand bulk execution. Rule‑based automation will be delivered in a future update.

[What you can do to prepare]

• No action is required.
• Admins can start using bulk agent lifecycle actions by navigating to: Microsoft 365 admin center → Agents → Settings → Agent management rules
• Consider reviewing internal governance or ownership processes to take advantage of bulk reassignment capabilities.

Learn more: Agent management rules – Agent settings in Microsoft 365 admin center | Microsoft 365 admin center | Microsoft 365 | Microsoft Learn

[Compliance considerations]

[Introduction]

We’re updating the Collect Diagnostics feature name to Get Diagnostics for Outlook Mobile and Outlook for Mac. Along with this rename, diagnostic logs sent during support interactions will now be routed through the Microsoft 365 diagnostics service instead of the legacy PowerLift service. This change aligns Outlook with other Microsoft clients, simplifying support workflows and providing a more consistent diagnostics experience.

[When this will happen:]

General Availability (Worldwide): Rollout will begin in early June 2026 and is expected to complete by late June 2026.

How this affects your organization:

Who is affected:

• Organizations using Outlook Mobile (iOS and Android)
• Organizations using Outlook for Mac
• IT admins maintaining documentation referencing Collect Diagnostics

What will happen:

• The feature name changes from Collect Diagnostics to Get Diagnostics in Outlook Mobile and Outlook for Mac.
• Diagnostic logs will be sent to the Microsoft 365 diagnostics service instead of the PowerLift service.
• There is no change to user workflow or behavior beyond the updated name.
• No admin configuration changes are required.
• The feature remains enabled by default.

What you can do to prepare:

• Update internal documentation, training materials, and helpdesk scripts to reflect the new name Get Diagnostics.
• Review network allowlists:
  • Outlook Mobile and Outlook for Mac will no longer use the *.acompli.net endpoint for Get Diagnostics.
  • The *.acompli.net endpoint is still required for:
    • Outlook Contact Support
    • Other Microsoft clients such as Company Portal and Microsoft Authenticator
• No other action is required if *.acompli.net is already allowlisted.

Learn more: Outlook for iOS and Android in Exchange Online: FAQ | Microsoft Learn

Compliance considerations:

Updated May 13, 2026: We have updated the content. Thank you for your patience. 

[Introduction]

To help organizations promote a secure and compliant AI experience on mobile devices, Microsoft is introducing a new Microsoft 365 Copilot Mobile card in the Copilot Control System, accessible via the Microsoft 365 Admin Center. This update enables IT and AI admins to proactively notify users about the Microsoft 365 Copilot mobile app and guide them to an approved download experience. By surfacing this information through trusted enterprise channels, organizations can reduce reliance on non‑sanctioned AI apps and help mitigate potential data leakage risks.

[When this will happen]

General Availability (Worldwide): Available now

[How this affects your organization]

Who is affected

• IT admins and AI admins using the Copilot Control System on Microsoft 365 Admin Center (MAC)
• Users who receive notifications about the Microsoft 365 Copilot mobile app
• This applies to both Microsoft 365 Copilot licensed users and users accessing Copilot Chat.

What will happen

• Admins can surface a Microsoft 365 Copilot Mobile card in the Copilot Control System, accessible via the Microsoft 365 Admin Center: 

  

• Admins can choose to notify targeted users about the availability of the Microsoft 365 Copilot mobile app: 

  

• Notifications can be delivered via Windows notifications or Microsoft Teams (Coming soon), depending on admin configuration.
• The feature helps guide users to a secure, Microsoft‑approved Copilot mobile experience.
• The feature is admin‑initiated and is not enabled automatically for users.

[What you can do to prepare]

No action is required if you do not plan to notify users.

If you want to use this capability:

• Review the Copilot Control System in the Microsoft 365 Admin center.
• Configure the Microsoft 365 Copilot Mobile card.
• Select the relevant users or groups to notify.
• Align notifications with your organization’s existing security and compliance policies.
• Consider informing your helpdesk or internal communications teams so they can support user questions.

[Compliance considerations]

[Introduction]

To maintain security, performance, and compatibility with newer macOS capabilities, Microsoft Teams will end support for desktop client updates on macOS 13 (Ventura). This ensures continued delivery of modern features and security updates on supported operating systems.

[When this will happen:]

• May 2026: Updates stop for macOS 13
• Mid-June 2026: Upgrade notifications begin
• Mid-July 2026: Blocking experience introduced

[How this affects your organization:]

Who is affected:

• Users on Teams desktop client on macOS 13
• IT admins managing macOS devices

[What will happen:]

• Teams desktop on macOS 13 will no longer receive updates starting May 2026.
• Users will see in-app upgrade notifications beginning in mid-June 2026.
• Users will encounter a blocking screen in mid-July 2026 preventing continued use of the desktop client.
• Users must either:
  • Upgrade to a supported macOS version, or
  • Use Teams via a supported web browser
• This change is automatic and cannot be disabled by admins.
• Organizations that do not upgrade devices may experience temporary productivity or support impacts.

[What you can do to prepare:]

• Identify devices running macOS 13.
• Plan OS upgrades before mid-July 2026.
• Communicate changes to users.
• Prepare helpdesk teams.
• Update compliance policies as needed.
• Provide guidance to use Teams on the web if needed.

[Compliance considerations:]

No compliance considerations identified, review as appropriate for your organization.

[Introduction]

We are improving the Activity Explorer experience in Microsoft Purview to deliver faster load times and a more responsive interface. To optimize performance—especially for organizations with high activity volumes—the default time range will change from 7 days to 1 day when Activity Explorer first loads. This update reflects common investigation patterns where recent activity is most relevant, while preserving full access to historical data through filters.

[When this will happen:]

General Availability (Worldwide): We will begin rolling out in early May 2026 and expect to complete by mid-May 2026.

[How this affects your organization:]

Who is affected: Admins and analysts who use Activity Explorer in Microsoft Purview

What will happen:

• The default view has been updated to 1 day of data to improve performance and load times.
• Users can adjust the date range filter at any time to view up to 30 days (no change from existing support).
• The change is enabled by default for all tenants.
• Improved page load performance and responsiveness, particularly in high-volume environments.
• No changes to:
  • Data retention policies
  • Query capabilities and filtering options
  • Available insights and activity data

[What you can do to prepare:]

No action is required.

We recommend that you:

• Inform admins and investigators that Activity Explorer now defaults to 1 day of data to improve performance.
• Clarify that this is a UI default only and does not affect data availability.
• Remind users they can expand the date range (for example, back to 7 days or more) using the filter when investigating activity.
• Update any internal documentation or training materials that reference the previous 7-day default view.

[Compliance considerations:]

No compliance considerations identified, review as appropriate for your organization.

[Introduction]

Microsoft Purview Content Explorer and Data Explorer continue to require the Data Classification List Viewer role to view and navigate classified data. With this update, Content Explorer and Data Explorer consistently enforce the role requirements across the full experience. This update provides a consistent and predictable access experience aligned with already documented Microsoft Purview role-based access controls.

[When this will happen:]

• General Availability (Production, GCC, GCC High, and DoD): We began rolling out in early May 2026 and expect to complete by mid-May 2026.

[How this affects your organization:]

Who is affected:

• Admins managing Microsoft Purview roles and permissions
• Users accessing Microsoft Purview Content Explorer and Data Explorer

What will happen:

• Users must have the Data Classification List Viewer role to view and navigate classified data in Content Explorer and Data Explorer.
• Users without the Data Classification List Viewer role may not be able to view or navigate Content Explorer and Data Explorer as expected.
• The role requirement will be consistently enforced across the full Content Explorer and Data Explorer experience.
• No new permissions are introduced as part of this change.

[What you can do to prepare:]

Required action:

• Assign the Content Explorer List Viewer role group or a custom role group that includes the Data Classification List Viewer role to users who need access to Content Explorer or Data Explorer.

Recommended steps:

• Review current users accessing Content Explorer and Data Explorer.
• Validate role assignments for those users.
• Update permissions where needed.

No additional configuration changes are required.

[Compliance considerations:]

We've released updates to the following update channel for Microsoft 365 Apps:

• Monthly Enterprise Channel

[When this will happen:]

We'll be gradually rolling out this update of Microsoft 365 Apps to users on that update channel starting May 13th, 2026 (PST).

[How this will affect your organization:]

If your Microsoft 365 Apps clients are configured to automatically update from the Office Content Delivery Network (CDN), then no action is required.

If you manage updates directly you can now download this latest update and begin deployment.

[What you need to do to prepare:]

To get more details about this update view the following release notes:

• Monthly Enterprise Channel
• Monthly Enterprise Channel