Microsoft Roadmap, messagecenter and blogs updates from 18-03-2026

Updated March 17, 2026: We have updated the timeline. Thank you for your patience.

Introduction

We’re introducing a new way to build automations in SharePoint using Workflows—the same fast, intuitive experience available in the Teams Workflows app. This update simplifies automation across SharePoint, Teams, and Microsoft 365, helping users streamline tasks like notifications, approvals, and file actions with just a few clicks.

Powered by Power Automate, Workflows offers a consistent experience across platforms and reduces the complexity of previous automation methods.

This message is associated with Roadmap ID 491632 and MC1121517.

When this will happen

• Targeted Release: Begins early February 2026 (previously early January); expected completion by end of February 2026 (previously end of January).
• General Availability: Begins early April 2026 (previously early March); expected completion by early May 2026 (previously end of March).

How this affects your organization

As part of this update, list and document libraries will have a new Workflows button on the command bar menu. We’ll also be consolidating the existing Automate and Integrate menus into a single menu dropdown.

Figure i. Updated Workflows button on the command bar menu

The new Workflows experience introduces:

• A streamlined interface for creating automations directly in SharePoint lists and libraries, Teams chats, and channels.
• A redesigned template library for faster discovery of common workflows.
• Natural language-to-flow capabilities to describe automation goals.
• A Madlib-style editor for easy customization using plain language and dynamic placeholders.

Figure ii. Workflows experience opening in a SharePoint list

Figure iii. Creating a new Workflow from a template in a SharePoint document library

Workflows is powered by Power Automate and retains enterprise-grade reliability, security, and extensibility. Existing workflows and compliance processes remain unaffected. The feature is on by default and requires no admin configuration.

What you can do to prepare

No admin action is required at this time. However, you may:

• Inform users about the new Workflows experience in SharePoint.
• Update existing training and documentation that used the Integrate menu and Power Automate to create flows
• Reassure users that existing Power Automate workflows and policies will remain unchanged.
• Learn more:
  • Browse and add workflows in Microsoft Teams (will be updated before WW rollout)
  • Create a flow for a list or library (will be updated before WW rollout)

Compliance considerations

This feature leverages the Default Environment in Power Platform, if your organization has specific controls or environment policies, Workflows experiences in Teams & SharePoint will be included in those policies.

Updated March 17, 2026: We have updated this post as a reminder. Thank you for your patience. 

[Introduction]

We are resurfacing MC670435, published September 2023 to remind admins of the Microsoft Teams Premium self-service trial capability. This message serves as a reminder as we begin a broader rollout of the feature announced in 2023.

[When this will happen:]

Ongoing rollout. 

[How this will affect your organization:]

When rolled out, users within your organization will be able to directly initiate a Teams Premium trial. These self-service trial licenses will be a part of your Microsoft organizational tenant, and you will be able to manage these licenses like other Microsoft subscriptions. You will be able to cancel these trial licenses at any time.

You will also be able to fully control whether trials are converted to paid subscriptions. Users will not need to input payment information when signing up. If a user would like to convert to a paid license, they must work with you directly to do so as there is no auto-renew functionality for these trials. If a user isn’t upgraded to a paid subscription, all services included in their Microsoft Teams Premium will end, and the user may lose read only access to data generated by Teams Premium, stored in Microsoft Teams, OneDrive, and SharePoint.

Users in tenants where self-service trials are disabled may still see the “Get Premium” prompt when accessing features that require a premium license. This is expected behavior and helps signal user interest to admins. It can also help identify which users in your organization may need a Teams Premium license, allowing you to better manage and allocate your available licenses.  To reduce confusion and prevent users from submitting license requests, admins can customize the license request flow. Instead of showing the default request form, they can configure a custom message explaining that license requests are not supported in their organization. For setup instructions, see Use your own request process – Microsoft Learn.

Microsoft Teams Premium helps make your Teams meetings more intelligent, protected, and engaging. Unlike other meeting and collaboration tools, Teams Premium brings advanced capabilities for meetings, virtual appointments, and webinars together for one low cost. You can learn more about Teams Premium here.

The customer data for all services associated with the Microsoft Teams Premium trial will be handled in accordance with the Microsoft Online Subscription Agreement and the Product Terms.

[What you need to do to prepare:]

Global or billing admins can use the same self-service purchase controls to disable self-service trials while making use of subscription management capabilities to oversee and manage trial licenses on the Your Products page in the Billing section of Microsoft 365 admin center.

Note: This is a new Teams Premium trial and is enabled or disabled independently of past trial offerings.

Review our updated self-service purchase and trial documentation here. We’ve added important information about the way trials work, the data that is collected, and the terms that apply.

Updated March 17, 2026: We have updated the timeline. Thank you for your patience. 

[Introduction:]

The Microsoft 365 Copilot app now features a simpler, cleaner navigation experience. We’ve flattened the menu and grouped features logically so it’s easier for users to find what matters most.

This message is associated with Microsoft 365 Roadmap ID 518222.

[When this will happen:]

• Targeted Release: Rollout begins in mid-November 2025 and is expected to complete by late November 2025.
• General Availability (Worldwide): Rollout begins in December 2025 and is expected to complete by end of March 2026 (previously end of February).

[How this will affect your organization:]

• Who is affected: Users of the Microsoft 365 Copilot app for Web, Windows, and Mac.
• What will happen:
  • Navigation is simplified with a flattened menu and logical grouping of features.
  • For users with a Microsoft 365 Copilot license, the Apps entry point is now located in the navigation footer, next to Settings.

Screenshot: Comparison of current (left) and refreshed (right) M365 Copilot navigation. The new design groups agents, notebooks, and recent chats directly in the left rail. Features shown may vary by license type and admin settings.

[What you need to do to prepare:]

• No admin action is required.
• Rollout will begin for users starting in December and complete in the following weeks.
• To learn more about managing the Microsoft 365 Copilot app, review Microsoft 365 Copilot app settings for IT admins | Microsoft.

[Compliance considerations:]

No compliance considerations identified, review as appropriate for your organization.

Updated March 17, 2026: We have updated the timeline. Thank you for your patience. 

As part of our ongoing commitment to delivering a polished, platform-native experience for Mac users, Microsoft Teams is introducing native screen and window sharing capabilities tailored specifically for macOS. This opt-in experience leverages Apple’s macOS native screen sharing APIs, allowing users to share their screen or window directly from macOS during Teams meetings.

This message is associated with Microsoft 365 Roadmap ID 502523.

• Targeted Release: Begins early-December 2025, completes mid-December 2025.
• General Availability
  • Worldwide and GCC: Begins early January 2026, completes by mid-May 2026 (previously mid-January).
  • GCC High and DoD: Begins mid-January 2026, completes by late May 2026 (previously late January).

Who is affected: Mac users participating in Teams meetings across Microsoft 365 tenants.

What will happen:

• Users will be able to opt in to native macOS screen and window sharing via Teams settings.
• The feature is disabled by default and must be enabled by the user.
• No application restart is required after enabling.
• The experience uses macOS native APIs for improved performance and integration.

• Notify your macOS users about this new capability.
• Update internal training materials and documentation as needed.
• No admin action is required unless you wish to communicate or document the change internally.

No compliance considerations identified, review as appropriate for your organization.

Updated March 17, 2026: We have paused rollout of this feature at this time and will provide updates via this post when we are ready to proceed. We apologize for any inconvenience. 

Introduction

We’re excited to announce that Microsoft Teams now supports apps in Private channels. This update enables richer collaboration scenarios across teams and organizations by allowing users to add and use apps—including bots, tabs, and message extensions—directly within Private channels. This change aligns with customer feedback requesting more consistent and flexible app experiences across collaboration spaces. Support for apps in Private Channels follows the same model as that for shared channels, ensuring a unified experience for users and developers.

This message is associated with Roadmap ID 518215 and applies to Teams for Windows desktop and Teams for Mac desktop.

When this will happen:

• Targeted release: Rollout begins mid-January 2026, and we expect to complete by late January 2026.
• General availability (Worldwide): The feature was temporarily rolled back prior to General Availability and is not yet available worldwide. We will share an update once GA timing is confirmed.

How this affects your organization:

Who is affected:

• All Microsoft Teams users who participate in Private Channels
• Admins managing Teams app policies
• Developers maintaining Teams apps

What’s changing:

• Apps can now be added to Private Channels. Previously, only a limited set of tabs were supported.
• This feature is available by default.
• All apps marked to work in Private and Shared Channels will be available.
• Channel owners or members can add apps to a Private Channel, with new governance and consent controls.
• A new channel setting allows owners to control who can add apps.
• Apps must be explicitly added to each channel; installing at the team level will no longer apply to Shared or Private Channels.

  Screenshot 1: Apps must be added per channel. Users are prompted for consent when interacting with an app that hasn’t been added. Apps are available through all standard discovery entry points.

  

  Screenshot 2: Manage apps in your channels from the new Apps tab in Manage channel settings.

  

•  Guest users can use supported apps depending on app and admin settings.
• Only apps updated by developers to support Private Channel functionality and allowed by admins will be available.
• Support for apps in Private Channels will follow the same model and require similar updates.

What you can do to prepare:

Admins:

• Review your Teams app policies and ensure required apps are updated for Private Channel support.
• Communicate this change to helpdesk staff.
• Update internal documentation if you detail this feature.
• Confirm that apps used in Private Channels are permitted by your organization’s app governance policies.

• Update your app manifest to include supportsChannelFeatures: tier1 as part of the latest manifest version.
• Use channel-specific APIs for membership, storage, and permissions. Do not assume team membership equals channel membership.
• Review and update Resource-Specific Consent (RSC) permissions if required.
• Test your app in Private Channels and with different user roles (internal, guest) to validate functionality.
• For apps with advanced scenarios (e.g., file access, cross-channel data, custom permissions), review the full developer guidance for targeted updates.

Before rollout, we will update this post with new documentation.

Updated March 17, 2026: We have updated the timeline. Thank you for your patience. 

[Introduction]

Enable Microsoft Purview to access, process, and store prompt and response data—including associated metadata—from Microsoft Foundry apps and agents. This integration supports key data security and compliance scenarios such as:

• Sensitive information type (SIT) classification
• Analytics and reporting through Microsoft Purview DSPM for AI
• Insider Risk Management
• Communication Compliance
• Microsoft Purview Audit
• Data Lifecycle Management
• eDiscovery

Microsoft Foundry now has direct integration with Microsoft Purview. This capability helps your organization manage and monitor AI-generated data in alignment with enterprise policies and regulatory requirements.

This message is associated with Microsoft 365 Roadmap ID 537271.

• Public Preview: Rolling out mid-December 2025, expected completion mid-January 2026.
• Worldwide: Rolling out mid-May 2026 (previously mid-March), expected completion mid-June 2026 (previously mid-April).

• Who is affected: Admins managing Microsoft Foundry and Purview integrations.
• What will happen:
  • Admins can enable a toggle in Foundry to send AI interaction data to Purview.
  • Feature is opt-in; requires admin action to enable.
  • Once enabled, AI interaction data will be monitored and secured for compliance purposes.

• Work with the Foundry subscription owner to enable the toggle in the Foundry control plane.
• Pre-requisite: Assign “Cognitive Services Security Integration Administrator” role.
• Steps:
  • Go to Operate → Compliance.
  • Select the “Security” tab.
  • Select the Azure Subscription.
  • Click the enablement toggle next to “Microsoft Purview.”
• Repeat for other Azure subscriptions as needed.

Learn more: Use Microsoft Purview to manage data security & compliance for Microsoft Foundry | Microsoft Learn

No compliance considerations identified, review as appropriate for your organization.

Updated March 17, 2026: We have updated the timeline. Thank you for your patience. 

[Introduction]

Adaptive scopes for SharePoint DLP policies in Microsoft Purview enable you to target SharePoint sites based on site attributes instead of manually maintaining static site lists. As sites are created or updated, adaptive scopes automatically adjust membership, ensuring that DLP policies remain aligned to your environment without ongoing manual updates.

This message is associated with Microsoft 365 Roadmap ID 549288.

[When this will happen]

• Public Preview: We began rollout in early February 2026 and expect to complete by late‑February 2026.
• General Availability (Worldwide): We will begin rollout in mid-April 2026 (previously mid‑March) and expect to complete by late April 2026 (previously late March).

[How this will affect your organization]

Who is affected: Admins who manage Data Loss Prevention (DLP) policies for SharePoint in Microsoft Purview.

What will happen:

With adaptive scopes for SharePoint, your organization will –

• Apply DLP policies more efficiently and at scale.
• Automatically target the correct SharePoint sites based on attributes such as URL, name, or metadata.
• Ensure new or updated sites are protected without manual list maintenance.
• Reduce administrative overhead by removing the need to maintain static site lists.
• Maintain consistent DLP policy coverage as your SharePoint environment grows and changes.

Additional notes:

• There is no impact to user workflows.
• The feature is not enabled by default; admins must create and assign adaptive scopes.

[What you can do to prepare]

To prepare for this update, you can:

• Verify licensing and permissions.
• Ensure your tenant has Microsoft 365 E5 or E5 Compliance licensing and that you hold the required Purview roles.
• Learn more: Configure adaptive scopes – Adaptive Scopes | Microsoft Purview | Microsoft Learn
• Navigate to Adaptive scopes.
• Go to Microsoft Purview compliance portal → Settings → Roles & scopes → Adaptive scopes (screenshot 1):

  

• Create an adaptive scope.
• Select + Create scope.
• Provide a name and description.
• Choose SharePoint sites as the scope type (screenshot 2):

  

• Define the scope criteria.
• Use the query builder to set rules based on SharePoint site attributes such as:
  • Site URL
  • Site name
  • Custom metadata
• Review and create the scope.
• Confirm your criteria and create the scope. The system evaluates and updates scope membership automatically.
• Verify scope membership.
• Review included sites using the Adaptive scopes details pane (screenshot 3):

  

• Apply the scope to a DLP policy.
• When creating or editing a SharePoint DLP policy, select your adaptive scope (screenshots 4 and 5):

  

  .

  

• Allow time for periodic evaluation.
• Changes to adaptive scopes may take time to reflect across applied policies.

[Compliance considerations]

No compliance considerations identified. Review as appropriate for your organization.

[Introduction]

We’re expanding Microsoft Purview Data Loss Prevention (DLP) controls to provide broader governance for Microsoft 365 Copilot. With this update, DLP policies that prevent Copilot from processing content based on sensitivity labels will now apply to Word, Excel, and PowerPoint files regardless of where they are stored. This enhancement responds to customer feedback requesting more consistent protection coverage across local and cloud-based file locations.

This feature is associated with Microsoft 365 Roadmap ID 557255.

[When this will happen]

• General Availability (Worldwide and GCC): Rollout will begin in late March 2026 and is expected to complete by late April 2026.

[How this affects your organization]

Who is affected

• Organizations using Microsoft Purview DLP to restrict Copilot processing of sensitivity-labeled content
• Admins who manage Purview DLP policies
• Users working with Microsoft 365 Copilot in Word, Excel, or PowerPoint

What will happen

• DLP policies that restrict Copilot from processing sensitivity‑labeled files will apply to Word, Excel, and PowerPoint files in all storage locations, including:
  • SharePoint
  • OneDrive for Business
  • Local device storage
  • Other storage locations accessible to Office apps
• When a DLP policy blocks Copilot processing, Copilot will not process the file’s content in Word, Excel, or PowerPoint.
• Existing DLP policies will continue to function normally; no policy migration or reconfiguration is required.
• The feature will be on by default for tenants with relevant DLP rules configured.
• Users will see consistent DLP enforcement when invoking Copilot in supported Microsoft 365 apps.

Implementation detail:

This update does not modify Copilot capabilities. Instead, Office clients and AugLoop have been enhanced so AugLoop can read a file’s sensitivity label directly from the client. Today, AugLoop retrieves the label by calling Microsoft Graph using the file’s SharePoint or OneDrive URL, which limits DLP enforcement to files stored in OneDrive and SharePoint. By enabling the client to provide the label, DLP enforcement now applies uniformly across all storage locations, including local files.

[What you can do to prepare]

No action is required to enable this feature.

If your organization uses DLP controls for Copilot, you may optionally:

• Review existing DLP policies that include sensitivity-label-based restrictions
• Update internal documentation or helpdesk guidance if needed
• Communicate this enhancement to relevant security or compliance teams

Learn about managing DLP policies: Learn about data loss prevention | Microsoft Purview | Microsoft Learn

[Compliance considerations]

No compliance considerations identified. Review as appropriate for your organization.

Updated March 16, 2026: We have updated the content. Thank you for your patience. 

[Introduction]

Microsoft Security Store is now integrated into the Microsoft Purview DLP experience, giving admins an in‑product way to discover a curated set of integrations that extend Purview capabilities, including data security capabilities for the network. Purchasing and management are completed through Security Store, simplifying how organizations procure partner integrations.

This message is associated with Microsoft 365 Roadmap ID 557977.

[When this will happen:]

• General availability (Worldwide): Rollout will begin in late March 2026 and is expected to complete by late April 2026.

[How this affects your organization:]

Who is affected:

• Microsoft 365 administrators managing Microsoft Purview DLP
• Data security and compliance administrators

What will happen:

• Once rolled out, you can access the Security Store from the Data Loss Prevent solution in Purview.



• Admins can discover, purchase, and enable supported partner integrations.
• The feature is available by default once it reaches your tenant.
• There is no impact to users unless an integration is enabled.
• Existing Purview DLP policies are not changed.

[What you can do to prepare:]

No action is required.

• Inform data security administrators about the new capability.
• Review available integrations once the Security Store appears.

Learn more:

• Discover, buy, and deploy security solutions and agents
• Learn about Microsoft Purview Network Data Security

[Compliance considerations:]

Updated March 17, 2026: We have updated the timeline. Thank you for your patience. 

[Introduction]

Outlook for iOS and Android is adding support for recommended and automatically applied sensitivity labels when you compose an email on your mobile device. With this release, we are extending Recommended Labels to Outlook mobile (iOS and Android), providing the same labeling experience users already have in Outlook on the desktop and web. For recommended labels, you’ll see a prompt to review and apply the suggested label. For automatic labels, they will be applied without needing any action from you. This ensures alignment with your organization’s Microsoft Purview Information Protection labeling policies when sensitive information is detected.

This message is associated with Microsoft 365 Roadmap IDs 557253 and 557254.

[When this will happen]

General Availability (Worldwide): We will begin rolling out in late March 2026 (previously mid‑March) and expect to complete by mid-April 2026 (previously late March).

[How this affects your organization]

Who is affected

• Users who compose email in Outlook for iOS and Android
• Organizations with automatic or recommended sensitivity labeling policies configured in Microsoft Purview Information Protection

What will happen

• This update extends Recommended Labels to Outlook mobile (iOS and Android), enabling recommended label prompts when sensitive information is detected.
• Users see recommended sensitivity labels when Microsoft Purview identifies sensitive information during email composition.
• Users are prompted to review and apply recommended labels.
• Automatic labels are applied without user action when required by policy.
• The feature is on by default for organizations with existing Purview sensitivity labeling policies.
• No changes are made to Purview policy configuration, scopes, or publishing.
• Outlook desktop and Outlook on the web are not affected; this update adds support for Outlook mobile only.

Figures 1–3. Examples of users being prompted to review and apply recommended sensitivity labels in Outlook mobile.

[What you can do to prepare]

No action is required if your organization already uses automatic or recommended sensitivity labeling policies in Microsoft Purview Information Protection. Outlook mobile support is added automatically.

Admins may choose to:

• Review existing labeling policies in the Microsoft Purview portal to confirm correct scoping and label publishing.
• Ensure sensitivity labels are published to users who rely on Outlook mobile.
• Communicate this change to helpdesk or support teams.
• Review Microsoft Learn documentation for minimum supported Outlook mobile versions: Sensitivity label capabilities in Outlook – Minimum versions for sensitivity labels in Office apps | Microsoft Purview | Microsoft Learn

[Compliance considerations]

Updated March 17, 2026: We have updated the timeline. Thank you for your patience. 

[Introduction]

We’re retiring the Semi-Annual Enterprise Channel option from the Office Customization Tool in the Microsoft 365 apps admin center. This retirement supports our ongoing efforts to simplify update channel management for Microsoft 365 Apps and ensure customers benefit from the most secure, up-to-date experience. We will continue to invest in the Monthly Enterprise Channel and Current Channel, which offer more frequent security and feature updates.

[When this will happen]

We will begin retiring this option on April 6, 2026, and expect to complete the retirement by April 11, 2026.

[How this affects your organization]

Who is affected

• Organizations that use the Office Customization Tool in the Microsoft 365 apps admin center to create deployment configurations for Microsoft 365 Apps.

What will happen

• The Semi-Annual Enterprise Channel will be removed from the list of available update channel options when creating new deployment configurations.
• Deployment configurations you have already created that use Semi-Annual Enterprise Channel will continue to retain that value when viewed or edited; however, it will not be available as a selectable option for new configurations.
• Only Current Channel and Monthly Enterprise Channel will be available for new configuration creation.
• There is no impact to devices currently configured for Semi-Annual Enterprise Channel.

[What you can do to prepare]

No admin action is required for this retirement. You may choose to:

• Notify relevant admins or deployment teams of this upcoming change.
• Update internal documentation if it references the Semi-Annual Enterprise Channel as a selectable option.
• Review your existing configurations in the Office Customization Tool if you plan to transition to a different update channel going forward.
• If desired, use this Microsoft Learn resource to plan channel migration: Change the Microsoft 365 Apps update channel for devices in your organization | Microsoft 365 | Microsoft Learn.

[Compliance considerations]

No compliance considerations identified. Review as appropriate for your organization.

• Enhanced template discovery with views: Sellers can quickly filter templates, such as My templates, Team templates, or Approved templates, to find the best fit for each step.
• In-flow template creation and editing: Email templates can now be created or updated directly within the Sequence flow, making them instantly available and eliminating the need to switch contexts.

• Specify the criteria for selecting opportunity records that should be enriched.
• Specify whether you want the records to be automatically updated or manually reviewed and approved.

• Review the suggested changes for your opportunity records. The suggestions are generated based on your recent email interactions with customers.
• Read the context behind each suggestion to understand why the update is recommended.
• Choose to accept or reject the suggested updates (for manual processes) or revert changes made by the agent (for automated processes).

• April 2026 – Enforcement Phase with manual rollback: Default Kerberos behavior changes so domain controllers use AES‑SHA1-only encryption for accounts without explicit encryption type settings, and Enforcement mode is enabled by default on Windows domain controllers. Audit mode remains available as a manual rollback option until July 2026.
• July 2026 – Enforcement Phase: Audit mode is removed, leaving Enforcement mode as the only option.

• Read the full hardening guidance: How to manage Kerberos KDC usage of RC4 for service account ticket issuance changes related to CVE-2026-20833.
• Learn about RC4 usage in Windows and its risks: Detect and remediate RC4 usage in Kerberos.
• Learn more about the related vulnerability: CVE-2026-20833.

• Apply a cohesive color scheme across the app based on a single base color, including hyperlinks, primary buttons, active tab indicators, row selection, and hover effects.
• Customize the app header background and text colors, including hover, pressed, and selected states.
• Set a custom logo for the app header to reinforce organizational branding. Note: Custom logo support in the modern theme XML is currently rolling out and will be available in all regions by the end of April 2026.
• Override the default font used throughout the application.

• If your organization was using classic themes, create a new custom theme XML web resource that reflects your branding. Follow the steps in the documentation to apply it to your environment.
• Update internal documentation and training materials to reference the new custom theming approach instead of classic theming.
• Report any issues or unexpected behavior through Microsoft Support so we can investigate.

[Introduction]

We’re introducing several new Copilot Notebooks features to the Frontier Public environment to help users learn faster, create content more efficiently, and collaborate more easily within their organization. These enhancements build on customer feedback and expand how Copilot can reason over notebook content and connected Microsoft 365 resources. Each feature will reach General Availability (GA) on its own schedule following Frontier Public availability.

[When this will happen:]

• Frontier Public rollout: Beginning March 23, 2026, with broad availability across Frontier Public tenants by March 28, 2026.
• General Availability (GA) (Worldwide): Rolling rollout from early April 2026 through early May 2026. Each feature will reach GA on its own schedule.
• Rollout is gradual; availability may vary by tenant and feature.

[How this affects your organization:]

Who is affected:

• All Copilot Notebooks users (in the Microsoft 365 app and OneNote) in Frontier Public tenants

What will happen:

• The following new Copilot Notebooks features will become available to Frontier Public tenants starting in late March 2026 and will transition to General Availability according to the timelines listed below. All features are enabled by default.
• Chat and Page Interactivity: Allows users to edit and create pages in a notebook directly through chat.
  • Frontier Public: March 23, 2026
  • GA: Mid-April 2026
• Study Guide: Automatically generates quizzes, flashcards, topic pages, and other learning tools based on notebook content.
  • Frontier Public: March 23, 2026
  • GA: Late April 2026
• SharePoint Sites and Folders grounding: Allows users to add SharePoint sites and folders as references so Copilot can use them when reasoning and generating content.
  • Frontier Public: March 23, 2026
  • GA: Early April 2026
• PowerPoint agent in Copilot Notebooks: Enables users to create PowerPoint presentations using notebook content and references in a few clicks.
  • Frontier Public: March 23, 2026
  • GA: May 2026
• Word agent in Copilot Notebooks: Enables users to create Word documents using notebook content and references in a few clicks.
  • Frontier Public: March 23, 2026
  • GA: May 2026
• Sharing to Microsoft 365 Modern Groups: Allows notebooks to be shared directly with Microsoft 365 Modern Groups.
  • Frontier Public: March 23, 2026
  • GA: April 2026
• Mind Map: A new interactive visual artifact that helps users understand notebook content through a grounded map of key topics, themes, and relationships. Users can explore nodes, view summaries, and use notebook chat to learn more. In Frontier Public, generated Mind Maps are retained for 30 days and remain private to the creator, including in shared notebooks. Support for sharing and permanent storage will be added before GA.
  • Frontier Public: March 23, 2026
  • GA: Early May 2026
• Existing Microsoft 365 permissions and access controls are respected.
• No general limitations are known beyond those noted for individual features.

[What you can do to prepare:]

• No admin action is required.
• Consider:
  • Informing helpdesk and support teams about new Copilot Notebooks capabilities.
  • Updating internal training or adoption materials to reflect the new features.
  • Reviewing how Copilot Notebooks are used in your organization to ensure appropriate SharePoint access is in place.

Learn more: Get started with Microsoft 365 Copilot Notebooks (will be updated before GA rollout)

[Compliance considerations:]

All other compliance areas reviewed (data storage changes, Purview controls, audit, eDiscovery, retention, DLP, Conditional Access, GDPR data subject rights, third-party integrations, admin reporting) are not impacted.

[Introduction]

We’re introducing a new slash command, /createworkflow, in the Microsoft Teams message compose box. A workflow is an automated process that handles repetitive tasks for users, such as sending notifications, creating tasks, or starting approvals when something happens in Teams. With this update, users can type /createworkflow while composing a message to quickly begin creating an automation, instead of navigating through menus. This change is designed to make workflow creation faster, easier to discover, and more accessible directly from chats and channels.

This message applies to Teams for Windows desktop, Teams for Mac desktop, and Teams for the web. It is associated with Microsoft 365 Roadmap ID 558544.

[When this will happen:]

• Targeted Release (Worldwide): We will begin rollout in late April 2026 and expect to complete by late April 2026.
• General Availability (Worldwide): We will begin rollout in late April 2026 and expect to complete by complete by mid-May 2026.

[How this affects your organization:]

Who is affected:
All Microsoft Teams users.

What will happen:

• Users can create workflows directly from the compose box using the /createworkflow slash command.

Screenshot: Example of the /createworkflow slash command appearing in the Teams message compose box

• The feature is enabled by default.
• No existing admin policies are changed.
• Workflow creation is faster with fewer clicks.

[What you can do to prepare:]

• No action is required.
• Optionally inform users about the new slash command.

Learn more: Use commands in Microsoft Teams | Microsoft Support (will be updated before rollout)

[Compliance considerations:]

[Introduction]

Microsoft Defender for Cloud Apps is retiring a small set of Infrastructure as a Service (IaaS) and Platform as a Service (PaaS) threat detections. These detections no longer align with the current threat protection scope of Defender for Cloud Apps, which is focused on identity-related threats across Entra, on‑premises, and SaaS environments.

Following internal review, these detections are being retired due to low prevalence and low customer impact, allowing us to focus engineering investment on higher-value and more common threat scenarios.

[When this will happen:]

General Availability (Worldwide, GCC, GCC High, DoD): Retirement begins early May 2026 and is expected to complete by mid‑May 2026.

[How this affects your organization:]

Who is affected:

• Administrators using Microsoft Defender for Cloud Apps
• Organizations that rely on the affected IaaS and PaaS detections

What will happen:

Alerts

• Suspicious creation activity for cloud region
• Suspicious change of CloudTrail logging service
• Multiple storage deletion activities

Behaviors

• Multiple virtual machine (VM) creation activities
• Multiple delete VM activities

After the phase‑out

• These detections will no longer generate alerts or behaviors.
• The related built‑in policies will be removed from the Policy management page.
• Alerts and behaviors already generated will not be deleted and will remain available in:
  • Alerts and Incidents pages
  • Advanced Hunting tables (for historical investigation and auditing)
• Any existing alert links that previously pointed to these policies will indicate that the policy has been deleted.

[What you can do to prepare:]

• No admin action is required.
• If you currently reference these detections in operational processes, playbooks, or documentation, we recommend reviewing and updating those materials ahead of the removal date.

[Compliance considerations:]

This change modifies how admins can monitor and report on specific Defender for Cloud Apps detections. Historical alert and hunting data remains available for auditing.

[Introduction]

Purview DSPM’s Data Risk Assessments now support item-level investigation and remediation for SharePoint data, helping organizations more precisely identify and reduce oversharing risk. New item-level insights such as sensitivity label status and sharing link details make it easier to pinpoint overshared content. Admins can take direct remediation actions on selected items, including resolving findings, notifying owners, applying sensitivity labels, or removing sharing links. These enhancements help organizations proactively reduce data exposure, strengthen compliance posture, and ensure sensitive data is accessible only to the right people.

This message is associated with Microsoft 365 Roadmap ID 523202.

[When this will happen:]

• General Availability (Worldwide): We began rolling out early March 2026 and expect to complete by mid-March 2026.

[How this affects your organization:]

Who is affected:

• Microsoft 365 administrators using Microsoft Purview DSPM Data Risk Assessments
• Organizations that create custom assessments for SharePoint data

What will happen:

• Admins can scan SharePoint data at the item level to detect potential oversharing risks.



• Custom assessment results include a new Potentially overshared items tab.



• Admins can remediate individual items by resolving findings, notifying owners, applying sensitivity labels, or removing sharing links.



• The feature requires admin setup and is not enabled by default.

[What you can do to prepare:]

• Work with your Entra administrator to configure an Entra application (service principal) to enable item-level scanning.
• The setup process enables key item-level remediation actions like assigning sensitivity labels or removing sharing links from overshared items.
  • Learn more: Prerequisites for Microsoft 365 item-level scanning for data risk assessments | Microsoft Learn
• Review and complete prerequisites required for item-level remediation actions.
• Update internal documentation for Purview administrators.
• Notify security and compliance stakeholders of the new capabilities.

[Compliance considerations]

[Introduction]

Microsoft Purview Endpoint Data Loss Prevention (Endpoint DLP) will now be able to classify Office documents protected with Azure Rights Management Services (Azure RMS). This improvement ensures encrypted Office files are included in content inspection so DLP policies can be applied consistently, strengthening endpoint data protection.

This message is associated with Microsoft 365 Roadmap ID 500895.

[When this will happen:]

General Availability (Worldwide): Rollout will begin in early April 2026 and is expected to complete by mid-May 2026.

[How this affects your organization:]

Who is affected:

• Organizations using Microsoft Purview Endpoint DLP
• Windows devices onboarded to Endpoint DLP
• Office documents protected with Azure RMS
• Admins managing Purview DLP and Information Protection policies

What will happen:

• Endpoint DLP will scan and classify Azure RMS–protected Office files.
• Classification occurs when:
  • A protected Office file is used in an application, or
  • Just‑in‑time classification is enabled.
• Based on the detected classification, existing DLP policies will be evaluated and enforced.
• There is no change to user workflow beyond improved policy coverage.
• This feature respects existing DLP and Information Protection policies.
• The feature is available once supported client versions are deployed; no new policy creation is required.

[What you can do to prepare:]

• Deploy Endpoint DLP client version 4.18.26030 or higher.
• Review existing DLP policies to understand enforcement behavior.
• Communicate this change to security and compliance stakeholders.

[Compliance considerations:]

[Introduction]

We are introducing code previews on Copilot Pages, a Microsoft 365 Copilot capability that allows Copilot to generate and render interactive previews of AI‑generated code within Copilot Pages.

Because this feature enables execution and rendering of AI‑generated code, it is admin‑controlled and dependent on Copilot Pages. If Copilot Pages are disabled, Code Previews are not available. If Copilot Pages are enabled (default or forced on), admins can independently enable or disable Code Previews using a new Cloud Policy setting.

[When this will happen:]

General Availability (Worldwide): We will begin rolling out mid-March 2026 and expect to complete by mid-April 2026.

[How this will affect your organization:]

When enabled, users may see AI‑generated code rendered as interactive previews within Copilot Pages, when Copilot determines a code preview is appropriate.

Key details:

• Code Previews are available only in Copilot Pages.
• If Copilot Pages are disabled, code previews are unavailable.
• If Copilot Pages are enabled, admins can still independently control code previews.
• When disabled, Copilot will still generate code but not have a “preview” option to run code previews.

There is no impact to tenants that have Copilot Pages disabled.

[What you need to do to prepare:]

No action is required if you are comfortable with the default behavior.

Admins who want to control availability should review and configure the following Cloud Policy setting:

Policy name:

Enable code previews for AI-generated content in Microsoft 365 Copilot Chat and Copilot Pages

Policy behavior:

• Enabled: Users can view and interact with code previews in Copilot Pages.
• Disabled: Copilot will not allow generated code to run in a preview experience in chat or Pages.
• Not configured: Code previews are enabled by default.

[Compliance considerations:]

• New data stored: No, lives in existing .page files with existing management capabilities
• Changes to data processing or access: No
• New AI/ML capabilities accessing customer data: No
• New communication channels: No
• New generative AI interaction: Yes (AI‑generated code previews, admin‑controlled)
• Impact to Purview (DLP, labels, eDiscovery, audit, retention, encryption): No, lives in existing .page files with existing workflows, no code previews run in eDiscovery output
• Changes to admin compliance monitoring or reporting: No, lives in existing .page files with existing monitoring and reporting capabilities
• Changes to GDPR data subject rights: No