| (Updated) Microsoft 365 Copilot: Add web links as references in Copilot NotebooksCategory:Microsoft Copilot (Microsoft 365)Nummer:MC1193414Status:stayInformed |
Updated June 5, 2026: We have updated the timeline. Thank you for your patience. [Introduction:]
We’re introducing the ability to add public web links as references in Microsoft Copilot Notebooks. This enhancement allows users to ground Copilot responses on specific public web pages, expanding the types of content that can be used to inform and contextualize their work. A Microsoft 365 Copilot license is required to use this feature.
This message is associated with Microsoft 365 Roadmap ID 516040.
[When this will happen:]
General Availability (Worldwide): Rollout will begin in late May 2026 (previously late April) and is expected to complete by end of June 2026 (previously end of May).
[How this will affect your organization:]
Who is affected: All users of Microsoft Copilot Notebooks with a Microsoft 365 Copilot license. What will happen:
- Users will be able to add public web links as references in their Copilot Notebooks.
- This expands current capabilities, which already support referencing Word, PowerPoint, Excel, and other file types.
- Users can now ground Copilot on public web content without needing to convert it to a file format (such as PDF).
- The feature will be enabled by default.
[What you can do to prepare:]
No specific preparation is required. However, we recommend:
- Informing users about the upcoming capability to enhance their productivity.
- Updating internal documentation if you provide guidance on using Copilot Notebooks.
[Compliance considerations:]
No compliance considerations identified, review as appropriate for your organization. |
| (Updated) Upcoming change: disabling Teams meeting recording expiration notification emailsCategory:Microsoft TeamsNummer:MC1245635Status:planForChange | Updated June 5, 2026: We have updated the content and timeline. Thank you for your patience. Introduction
We are introducing a new PowerShell control that allows administrators to manage Teams Meeting Recording (TMR) expiration and deletion notification emails across the tenant. This update is based on customer feedback indicating a strong preference to continue receiving notifications while also requesting an option to disable them. This change provides greater administrative control while maintaining the default experience that helps users stay informed
When this will happen
- Commercial clouds: Rollout began May 29, 2026; completed June 2, 2026
- Sovereign clouds (GCC, GCC High, DoD): Timeline will be updated once confirmed
How this affects your organization
Who is affected:
- SharePoint Administrators and Global Administrators managing Teams Meeting Recordings
Platforms/Services: - Microsoft Teams
- SharePoint Online
- PowerShell (SharePoint Online Management Shell)
What will happen:
- A new PowerShell setting is available to control notification emails for Teams meeting recording expiration and deletion
- Notifications remain enabled by default; no action is required to maintain the current behavior.
- Admins can disable notifications tenant-wide using a PowerShell cmdlet.
- There is no impact to recording expiration or deletion behavior—only the notification emails are affected.
- This setting applies at the tenant level only; per-user configuration is not supported.
Action Required / Recommendations
- No action is required if you want to continue receiving Teams meeting recording notification emails
If you prefer to disable notifications, follow these steps: - Ensure you are using the latest version of the SharePoint Online Management Shell:
- Download from the SharePoint Online Management Shell page
- Note that:
- The installer is Windows-only
- For non-Windows environments, use a Windows VM or Azure Virtual Desktop
- Verify you have required permissions:
- SharePoint Administrator or Global Administrator
- Review and update internal documentation if you reference recording notifications
- Inform helpdesk/support teams about this new control option
To disable notifications: Connect-SPOService -Url https://-admin.sharepoint.com Set-SPOTenant -DisableTeamsMeetingRecordingDeletedNotification $true To verify the setting: Get-SPOTenant | Format-List *Recording* (Get-SPOTenant).DisableTeamsMeetingRecordingDeletedNotification To re-enable notifications: Set-SPOTenant -DisableTeamsMeetingRecordingDeletedNotification $false
|
| Microsoft Viva Glint: Custom confidentiality statementsCategory:Microsoft VivaNummer:MC1318856Status:stayInformed | [What and Why:]
We’re introducing the ability for Viva Glint Company Admins to replace the default Microsoft confidentiality statement with custom messaging. This update helps organizations align employee survey experiences with internal confidentiality policies, legal requirements, and regional expectations—while maintaining a consistent, trusted experience across Viva Glint. This feature is associated with Microsoft 365 Roadmap ID 557982.
[Rollout Schedule:]
General Availability (Worldwide): Rollout begins in early June 2026. [Impact on Your Organization:]
Who is affected:
- Viva Glint Company Admins
- Users participating in Viva Glint surveys (if custom messaging is configured)
Platforms/Services:
- Microsoft Viva Glint (web)
What will happen:
- Admins can disable the default Microsoft Viva Glint confidentiality statement.
- Admins can configure custom confidentiality statements, including support for multiple languages.
- Custom statements are displayed to users during the survey experience.
- The feature is not enabled by default; configuration is optional and admin-controlled.
- If no changes are made, the existing default confidentiality statement remains in place.
[Action Required / Recommendations:]
- No action is required.
- Admins may optionally configure custom confidentiality statements in Viva Glint > General Settings > Company Information.
- Review internal legal or HR guidance before publishing custom messaging.
Learn more: [Compliance considerations:] | Compliance area | Explanation | | Does the change alter how existing customer data is processed, stored, or accessed? | Admin-defined confidentiality statements modify the messaging presented to users but do not change how survey response data is processed or stored. | | Does the change include an admin control? | Company Admins can enable, disable, and manage custom confidentiality statements in Viva Glint settings. |
|
| OneDrive: Retention enforcement for unlicensed OneDrive accountsCategory:Microsoft OneDriveNummer:MC1381110Status:planForChange | [What and Why:]
We’re updating how unlicensed OneDrive accounts are retained to help organizations manage storage more predictably and reduce long-term unmanaged data. This update introduces enforced lifecycle stages for unlicensed OneDrive accounts that remain unpaid for an extended period, ensuring clearer storage governance while giving admins multiple options to preserve data when needed.
[Rollout Schedule:]
General Availability (Worldwide): This change will be implemented starting early July 2026 and introduces a lifecycle with staged enforcement actions and built‑in time for admins to take action before restrictions apply. [Impact on Your Organization:]
Who is affected:
- Tenants with unlicensed OneDrive accounts created after license removal or user deletion.
Platforms / Services:
- OneDrive for Business
- SharePoint Online
What will happen:
- Day 60: Unlicensed OneDrive becomes read-only.
- Day 93: OneDrive is archived:
- Users cannot access the content directly.
- Content remains available for eDiscovery and legal holds.
- Up to 12 cumulative months of non‑payment:
- If no action is taken, the OneDrive data is permanently deleted.
- If a license is reassigned or billing is enabled before deletion, the OneDrive exits retention enforcement and resumes normal behavior.
- This change is on by default and does not require tenant opt‑in.
[Action Required / Recommendations:]
Admins should review unlicensed OneDrive accounts and take one or more of the following actions as appropriate: - Reassign a OneDrive license to the user.
- Enable pay‑as‑you‑go billing for:
- Unlicensed OneDrive archive storage, or
- Unlicensed OneDrive standard storage.
- Migrate content to another OneDrive or SharePoint location.
- Adjust retention policies so data is deleted when no longer required.
- Take no action if the data is no longer needed and can be deleted after the 365th unlicensed day.
No action is required if appropriate licensing, billing, or retention settings are already in place.
[Compliance considerations:]
| Area |
Explanation |
| Retention policies, holds, or deletion workflows |
Unlicensed OneDrive accounts that remain unpaid for an extended period may be deleted even if retention policies or legal holds are configured, unless licensing or billing is restored. |
| eDiscovery or Content Search |
Archived unlicensed OneDrive content remains available for eDiscovery and legal holds until the data is permanently deleted. |
| How customer data is stored or deleted |
The change introduces enforced lifecycle stages and permanent deletion timelines for unpaid, unlicensed OneDrive data. |
| User access, export, or deletion of personal data (GDPR) |
User access to unlicensed OneDrive content is restricted once accounts become read-only or archived, which may affect how personal data can be accessed or exported prior to deletion. |
|
| Microsoft 365 Archive: File-level archiving General AvailabilityCategory:SharePoint OnlineNummer:MC1381114Status:planForChange | [What and Why] We’re announcing the General Availability of file-level archiving in Microsoft 365 Archive. This new capability enables organizations to archive individual SharePoint files into a cold storage tier while keeping them discoverable. This feature complements the existing site-level archive experience and helps optimize storage costs while maintaining compliance and accessibility. This message is associated with Microsoft 365 Roadmap ID 477371. [Rollout Schedule] General Availability (Worldwide): Rollout begins in early July 2026 and is expected to complete by late July 2026. [Impact on Your Organization] Who is affected - All Microsoft 365 commercial and education tenants with SharePoint Online and Microsoft 365 Archive enabled
- Users with edit or read permissions on SharePoint files
Platforms/Services - SharePoint Online (web experience)
- Microsoft 365 Archive
What will happen - A new Archive action will appear in SharePoint on the web for users with edit permissions, allowing them to archive eligible files.
- Files are archived into the Microsoft 365 Archive cold storage tier and can be reactivated by users with read permissions.
- Reactivation may take up to 24 hours, except for files archived within the past 7 days, which can be reactivated instantly.
- Existing retention labels, sensitivity labels, eDiscovery, permissions, and audit logging continue to apply without change, including after files are archived.
- At General Availability, file-level archiving is enabled by default for all SharePoint sites in tenants where Microsoft 365 Archive is enabled, unless administrators have previously reduced or scoped the set of enabled sites.
- File-level archive consumption is billed using the existing pay-as-you-go pricing model for Microsoft 365 Archive.
- This feature may introduce changes to storage usage and billing depending on archival activity.
- This change does not remove or replace existing site-level archiving capabilities.
[Action Required / Recommendations] No immediate action is required. However, we recommend administrators take the following steps: - Confirm configuration: Ensure that Microsoft 365 Archive is enabled and pay-as-you-go billing is configured in the Microsoft 365 admin center.
- Prepare support teams: Notify storage governance, records management, and helpdesk teams about the new Archive action and reactivation behavior.
- Update documentation: Revise internal training materials and documentation to reflect file-level archiving workflows.
- Evaluate scope controls: If you do not want the Archive action enabled across all sites, use tenant-level or per-site controls (via PowerShell) to scope availability.
Learn more: Manage Microsoft 365 Archive | Microsoft 365 Archive | Microsoft 365 | Microsoft Learn [Compliance considerations] | Question | Answer | | Does the change alter how existing customer data is processed, stored, or accessed (for example, documents, emails, chats)? If so, how and to what extent? | Yes. This change introduces a cold storage tier for SharePoint files, where files are archived and require reactivation before they can be accessed, altering how stored data is accessed. While in the archive tier, the data stays compliantly stored as M365 data. | | Does the change include an admin control, and can it be controlled through Entra ID group membership? | Yes. Administrators can control the availability of file-level archiving at the tenant or site level using administrative configurations such as PowerShell. | | Does the change allow a user to enable and disable the feature themselves? | Yes. On sites enabled for file-level archiving, users with appropriate permissions can initiate archiving and reactivation actions on files, effectively controlling whether files are archived or active. |
|
| Microsoft Defender for Endpoint security updates move to Microsoft Update on WindowsCategory:Microsoft Defender XDRNummer:MC1381119Status:stayInformed | [What and Why:]
Instead of being bundled with the monthly Windows security update, Microsoft Defender endpoint detection and response (EDR) updates will now be delivered through Microsoft Update, consistent with how other Microsoft Defender components are serviced.
This change allows EDR security improvements to be delivered independently of monthly operating system updates.
[Rollout Schedule:]
- Rollout began with Windows 10 in late May 2026.
- Rollout will expand to Windows 11, followed by remaining supported Windows versions.
- We expect the rollout for Windows 10 and 11 to be completed by fall 2026.
[Impact on Your Organization:]
Who is affected: Organizations using Microsoft Defender for Endpoint on supported Windows devices.
Platforms / Services:
- All Windows OSes currently supported by Microsoft Defender for Endpoint
What will happen:
- EDR updates will no longer be bundled with the monthly Windows security update.
- EDR updates will be delivered through Microsoft Update via KB 5005292 once required prerequisite updates are installed.
- A new Defender Update Service will be introduced.
- When the first update is installed, a new directory will be created on the device:
%ProgramData%\Microsoft\Microsoft Defender\Defender Update - EDR updates typically do not require a device restart. In rare failure scenarios, a restart may be required.
Prerequisite updates: Devices must be running Sense version 10.8798.25857.1000 or later and have one of the following updates (or later) installed: - Win11 24H2 KB 5062660 (2025-07 Cumulative Update Preview)
- Win11 23H2 KB 5062663 (2025-07 Cumulative Update Preview)
- Win11 22H2 KB 5062663 (2025-07 Cumulative Update Preview)
- Win10 22H2 KB 5062649 (2025-07 Cumulative Update Preview)
- Win10 1809 KB 5063877 (2025-08 Cumulative Update)
- Server 2019 KB 5063877 (2025-08 Cumulative Update)
- Server 2022 KB 5063880 (2025-08 Cumulative Update)
- Server 2025 KB 5063878 (2025-08 Cumulative Update)
[Action Required / Recommendations:]
- No action is required for organizations that allow updates through Microsoft Update.
- If your organization uses manual update package deployment, ensure this new Defender update package is included in your standard update process.
- Review internal documentation and operational procedures that reference Defender for Endpoint update behavior.
- Inform helpdesk and security operations teams about the new update delivery method.
Rollback guidance (if needed): Administrators can roll back EDR updates using the Microsoft Defender command-line utility. Revert EDR to the inbox version stored in %ProgramFiles%\\Windows Defender Advanced Threat Protection:
MpCmdRun.exe -RevertMde -Product Edr -ToVersion Inbox
Revert EDR to the N-1 version, if there is available backup in %ProgramData%\\Microsoft\\Windows Defender Advanced Threat Protection\\Platform
MpCmdRun.exe -RevertMde -Product Edr -ToVersion Previous
[Compliance considerations:] | Compliance Area | Explanation | | Data processing or storage changes | The change introduces a new local update service directory for Defender updates but does not introduce new customer data types. | | Admin controls | Update delivery is governed by existing Windows Update and Microsoft Update configuration policies. |
|
| Microsoft Teams: Improved app and agent access request flows for admin‑blocked appsCategory:Microsoft TeamsNummer:MC1381120Status:stayInformed | [What and Why:]
We’re improving the experience for requesting access to Teams apps and agents that are blocked by administrators by introducing a clearer, guided, end-to-end request flow. This update reduces user confusion, minimizes stalled requests, and improves admin visibility—helping close the loop between users and IT while maintaining enterprise controls.
[Rollout Schedule:]
General Availability (Worldwide): We will begin rolling out in mid-June 2026 and expect to complete by early July 2026. [Impact on Your Organization:]
Who is affected:
- Teams users requesting access to blocked apps or agents
- Teams administrators reviewing and managing requests
Platforms/Services:
- Microsoft Teams
- Teams Admin Center
What will happen:
- Users will find a clearer, guided request flow when requesting access to blocked apps or agents in Teams.
- Users will receive notifications when their request status changes, improving transparency. If approved, users can easily get started with the app or agent using the Add button in the Teams notification.
Screenshot 1: Example of a Teams Activity notification informing a user that an app is approved and ready to add: 
- Admins will have a simplified review and approval experience in Teams Admin Center.
Screenshot 2: Example of the updated Teams Admin Center experience for reviewing and acting on app and agent access requests:  >
Screenshot 3: App details view in Teams Admin Center showing individual user requests and direct access to manage app requests: 
- These enhancements streamline the triage and review process, by clearly highlighting requests pending review for increased clarity, introducing new approve and deny actions to make requests easily actionable, and simplifying complex workflows with quick actions, like the ability to approve bulk requests.
- Admins can optionally enable Teams notifications for new app or agent requests to increase awareness. If enabled, admins will receive a Teams notification in a channel they’ve chosen, with a button that will route them into the Teams Admin Center to view the request.
- Existing app and agent policies remain unchanged.
[Action Required / Recommendations:]
- No action is required to prepare.
- (Optional) After rollout, admins can:
- Enable a notification rule in Teams Admin Center to receive Teams notifications when new app or agent requests are submitted.
- Inform helpdesk staff about the improved request and notification experience.
Learn more: [Compliance considerations:]
No compliance considerations identified, review as appropriate for your organization. |
| Microsoft Purview | Endpoint Data Loss Prevention: Policy sync and device health AI skillCategory:Microsoft PurviewNummer:MC1381121Status:stayInformed | [What and Why] We are introducing Policy Sync and Device Health AI skills for Microsoft Purview Endpoint Data Loss Prevention. These AI-powered capabilities provide real-time visibility into policy deployment across devices and help admins quickly identify and resolve sync issues. By using AI to surface root causes and recommend actions, this feature improves troubleshooting efficiency and increases confidence that policies are enforced consistently across devices. This aligns with our enterprise-ready AI approach by delivering intelligent insights within Microsoft Purview. This message is associated with Microsoft 365 Roadmap ID 562016. [Rollout Schedule] - Public Preview: Rollout will begin in late June 2026 and is expected to complete in late June 2026.
- General Availability (Worldwide): Rollout will begin in late July 2026 and is expected to complete in late July 2026.
[Impact on Your Organization] Who is affected - Admins managing Endpoint Data Loss Prevention policies in Microsoft Purview
Platforms/Services - Microsoft Purview compliance portal
- Endpoint DLP
- Security Copilot
What will happen - Admins will see new AI-powered insights for policy sync status and device health:
- Real-time visibility into DLP policy deployment across endpoints will be available:
- Impacted devices and sync failures will be identified automatically:
- Root cause explanations and recommended remediation actions will be provided:
- The experience will be available within DLP policy and device views in Microsoft Purview.
- The feature requires Security Copilot capabilities to be available in the tenant.
[Action Required/Recommendations] No immediate action is required. To prepare for this feature: - Ensure that Security Copilot is enabled in your organization.
- Confirm that Security Compute Units are provisioned to support AI experiences.
- Verify that admins have appropriate permissions to access DLP policies and device views in Microsoft Purview.
- Review the DLP portal to familiarize your team with where the feature will appear.
- Communicate this update to your security and compliance administrators.
[Compliance considerations] | Question | Answer | | Does the change introduce or significantly modify AI or machine learning capabilities that interact with or provide access to customer data? | Yes. The change introduces AI-powered skills that analyze DLP policy sync status and device health, identify impacted devices, and provide root cause insights along with recommended remediation actions. | | Does the change alter how admins can monitor, report on, or demonstrate compliance activities? | Yes. The change adds new AI-driven insights and visibility into DLP policy deployment and device readiness within Microsoft Purview, enhancing how admins monitor and assess compliance activities. |
|
| Microsoft Defender XDR: Retirement of in-app OS update notifications in Defender for Endpoint (iOS)Category:Microsoft Defender XDRNummer:MC1381122Status:planForChange | [What and Why] Microsoft Defender for Endpoint (MDE) on iOS is retiring in-app OS update notifications and recommendations. To improve consistency and reduce duplicate guidance, OS update compliance and enforcement will rely on Microsoft Intune and existing MDM/MAM capabilities instead of Defender in-app experiences. This change simplifies management for administrators and provides a more unified and secure compliance experience across Microsoft security and device management services. Intune driven OS update requirements will remain unaffected by this change. [Rollout Schedule] - Worldwide, GCC, GCCH, DoD: Mid-July 2026 through late July 2026
[Impact on Your Organization] Who is affected - Organizations using Microsoft Defender for Endpoint on iOS
- Admins managing device compliance or OS update policies
Platforms/Services - iOS
- Microsoft Defender for Endpoint
- Microsoft Intune
What will happen: - The Defender app on iOS will no longer display OS update recommendations or notifications.
- OS update compliance and enforcement will rely on Microsoft Intune and existing MDM/MAM capabilities instead of Defender in-app experiences.
- Duplicate or conflicting OS update messaging between Defender and Intune will be removed.
- This change will be automatically applied during rollout.
- After retirement, there is no option to continue using this functionality in Defender.
[Action Required / Recommendations] No immediate action is required for this change. To prepare and ensure a smooth transition: - Review your OS compliance and update enforcement policies in Microsoft Intune.
- Validate existing app configuration policies (for example, OS update notification suppression settings) to ensure they align with this change.
- Inform your helpdesk and end users that OS update notifications will no longer appear in the Defender app on iOS.
[Compliance considerations] No compliance considerations identified. Review as appropriate for your organization. |
