Microsoft Roadmap, messagecenter and blogs updates from 25-03-2025

Updated March 24, 2025: We have updated the rollout timeline below. Thank you for your patience.

Within Microsoft Teams, apps that are found in outlook.com and office.com will show ratings and reviews in the app store listing page and the details page.

[When this will happen:]

Targeted Release: We will begin rolling out late February 2025 and expect to complete by early March 2025.

General Availability (Worldwide): We will begin rolling out early March 2025 and expect to complete by late March 2025 (previously mid-March).

[How this will affect your organization:]

Users will be able to see their apps’ ratings and reviews in outlook.com and office.com.

[What you need to do to prepare:]

This rollout will happen automatically with no admin action required. You may want to notify your users about this change and update any relevant documentation as appropriate.

Viva Learning Search is transitioning to an “intent-based” search from the current “keyword-based” search. As a part of “intent-based” search, Viva Learning will understand the core intent of the user query and show learning results based on user’s intent. Users can interact with Viva Learning Search in their natural language and get relevant content much easier.  Intent-based search personalizes the Search experience for the user. 

This message is associated with Microsoft 365 Roadmap ID 479749

[When this will happen:]

General Availability (Worldwide): We will begin rolling out on mid-March 2025 and expect to complete by late March 2025.

[How this will affect your organization:]

Coming soon: Users can share Microsoft Teams apps or agents from the app or agent profile and from the app side panel in Teams.

This message applies to Teams for Windows desktop, Teams for Mac desktop and Teams on the web.

A Microsoft 365 Copilot license is not required to share agents as described in this message. If a user has access to the agents, the users will be able to share them.

This message is associated with Microsoft 365 Roadmap ID 483355.

[When this will happen:]

Targeted Release: We will begin rolling out early May 2025 and expect to complete by mid-May 2025.

General Availability (Worldwide): We will begin rolling out mid-May 2025 and expect to complete by late May 2025.

[How this will affect your organization:]

After this rollout:

• Users can select the Share option when hovering on the app or agent icon in 1:1 chat mode with the app or agent.
• After a user selects the +Apps icon from the three-dot menu in the top right of any chat, the user can right-click to share the app or agent.

Share option from hovering on app/agent icon:

Sharing from right panel:

This change will be on by default.

[What you need to do to prepare:]

This rollout will happen automatically by the specified dates with no admin action required before the rollout. Review your current configuration to determine the impact for your organization. You may want to notify your users about this change and update any relevant documentation.

Microsoft Purview Data Security Investigations (DSI) is a new AI-powered solution that enables data security teams to identify incident-related data, conduct deep content analysis, and mitigate risk within one unified solution.

This message is associated with Microsoft 365 Roadmap ID 485707. 

[When this will happen:]

Public Preview: We will begin rolling out early April 2025 and expect to complete by mid-May 2025.

General Availability (Worldwide): We will begin rolling out mid-June 2025 and expect to complete by late July 2025.

[How this will affect your organization:]

DSI enables data security admins to efficiently identify incident-relevant content by searching their Microsoft 365 data estate to locate emails, Microsoft Teams messages, Microsoft Copilot prompts and responses, and documents.

After an admin scopes an investigation, DSI’s generative AI capabilities allow admins to gain deeper insights into the impacted data, revealing critical security risks and sensitive information. Investigative capabilities include the ability to categorize evidence, perform vector searches, and examine impacted data for security and sensitive data risks.

DSI visualizes correlations between investigation data, users, and their activities. To mitigate identified risks, DSI facilitates secure collaboration between partner teams. Post-investigation learnings can be used to refine existing policies to strengthen your organization’s security practices.

Get started with DSI on the overview page with information on enrollment and enabling RBAC (role-based access control):

Categorize your data to identify highest risk items and plan mitigation actions accordingly:

Understand investigation progress and insights with the Investigation summary view:

[What you need to do to prepare:]

Learn more: Accelerate data security investigations with AI-powered deep content analysis | Microsoft Community Hub

When the Public Preview begins, we will update this post with new documentation.

Get started on the Purview DSI overview page (coming soon) to complete setup and get oriented in a few simple steps:

1. Enable access in Microsoft Purview > Permission for DSI admins, DSI investigators and DSI reviewers in your organization.
2. Complete the DSI first-run experience including:
   1. Enrolling your Purview subscription for non-AI storage and processing meter
   2. Enrolling for AI consumption using security compute units
3. Get started with your first investigation.

Coming soon for Microsoft Teams: Enhanced spell checking with multi-language support. This feature will help users communicate more effectively with fewer spelling errors.

This message applies to Teams on Windows desktop and Teams on Mac desktop.

This message is associated with Microsoft 365 Roadmap ID 470600.

[When this will happen:]

Targeted Release: We will begin rolling out early April 2025 and expect to complete by mid-April 2025.

General Availability (Worldwide, GCC): We will begin rolling out early May 2025 and expect to complete by mid-May 2025.

General Availability (GCC High): We will begin rolling out mid-June 2025 and expect to complete by late June 2025.

General Availability (DoD): We will begin rolling out late June 2025 and expect to complete by early July 2025.

[How this will affect your organization:]

Users will choose their languages for spell checking in Teams settings. Before rollout, we will update this post with revised documentation.

Key features

• Advanced spell checking: Improved accuracy to ensure messages are clear and professional.
• Multi-language support: Seamlessly switch between up to three languages.
• Custom dictionary: Users can add their own words for personalized spell checking.

This change will be available to users by default.

[What you need to do to prepare:]

This rollout will happen automatically by the specified date with no admin action required before or after the rollout. You may want to notify your users about this change and update any relevant documentation.

Updated February 6, 2025: We have updated the rollout timeline below. Thank you for your patience.

Coming soon to Microsoft Teams: Users will be able to record video in Teams channels with the Record video clip option. Before this rollout, the Record video clip option only exists in Teams chat. After this rollout, users can record short clips to communicate with colleagues in Teams channels. Users can record clips of themselves, their screen, or audio only and send the clip as a new post or a reply in a channel. This message applies to Teams for Windows desktop, Teams for Mac desktop, and Teams on the web.

This message is associated with Microsoft 365 Roadmap ID 383740.

[When this will happen:]

Targeted Release: We will begin rolling out early January 2025 and expect to complete by mid-January 2025.

General Availability (Worldwide): We will begin rolling out mid-January 2025 and expect to complete by late February 2025 (previously late January).

[How this will affect your organization:]

To use the new feature in a channel, users can go to the box where they compose posts or replies and select the + sign (the Actions and apps menu), and then choose the new Record video clip option:

This change will be available by default.

[What you need to do to prepare:]

This rollout will happen automatically by the specified date with no admin action required before the rollout.

Learn more: Record a video or audio clip in Microsoft Teams – Microsoft Support (will be updated before rollout)

Updated March 24, 2025: We have updated the rollout timeline below. Thank you for your patience.

Administrators and security operators who are using third-party report message solutions in Microsoft Outlook to allow their users to report suspicious messages (for example, Knowbe4, Hoxhunt, Cofense, Proofpoint add-ins, and so on) can now configure Defender for Office 365 to automatically send these messages to Microsoft for analysis.

This message is associated with Microsoft 365 Roadmap ID 406167.

[When this will happen:]

General Availability: We will begin rolling out late March 2025 (previously late February) and expect to complete by early April 2025 (previously late March).

[How this will affect your organization:]

You must configure this setting if you want the benefit of sending third-party reported messages to Microsoft.

To enable this setting:

1. Go to User reported settings in the Microsoft Defender portal, select Monitor reported messages in Outlook, and then select Use a non-Microsoft add-in button.
2. In the Reported message destination section, select Microsoft and my reporting mailbox, and then provide the email address of the internal Exchange Online mailbox where user-reported messages by the third-party add-ins are being routed to. If the third-party vendor follows the guidance for message submissions format, Defender for Office 365 will submit these messages automatically to Microsoft for analysis.
3.  The result from Microsoft after analysis is shown on the User reported page in the Defender portal.

For more details about how Microsoft handles user-reported suspicious messages, see Report suspicious email messages to Microsoft.

Alerts are automatically generated for user reported messages in Defender for Office 365. If you have Defender for Office 365 Plan 2, Automated investigation and response (AIR) is also automatically triggered for user reported phishing messages. Both alerts and their investigations are automatically correlated to Defender XDR Incidents, which helps SOC teams with automation to triage, investigate, and respond. Submitting these messages to Microsoft for analysis provides a response of this analysis to security analysts and also helps improve Defender for Office 365 filters.

[What you need to do to prepare:]

If your user reporting settings are already set to Use a non-Microsoft add-in button and Microsoft and my reporting mailbox, you don’t need to do anything to benefit from this change. However, if the destination is My reporting mailbox only, you need to change the destination to Microsoft and my reporting mailbox to benefit from this change. 

Updated March 24, 2025: We have updated the rollout timeline below. Thank you for your patience.

Coming soon for Microsoft 365 Copilot: When writing Copilot prompts in the chat box, users will be able to use CIQ to select Microsoft SharePoint and Microsoft OneDrive folders using the existing Attach cloud files icon.

Context IQ (CIQ) is a set of AI capabilities from Microsoft that allows users to search for, select, and insert relevant enterprise or personal data directly into their prompts or conversations. This capability helps users to “ground” or anchor their prompts in specific, contextually relevant data, making responses more accurate, specific, and useful.

This message is associated with Microsoft 365 Roadmap ID 413109.

A Microsoft 365 Copilot license is required to use this feature.

[When this will happen:]

General Availability (Worldwide): We will begin rolling out late March 2025 (previously mid-March) and expect to complete by early April 2025 (previously late March)

[How this will affect your organization:]

No impact to tenant admins. This change is available by default. Users will be able to attach a OneDrive folder or a SharePoint folder to their prompt, similar to how they can select files to attach before the rollout. Users can only select folders that they own or that are shared to the user.

To add OneDrive or SharePoint folders to add to their Copilot prompt, users can select the Attach cloud files icon in the Copilot chat box:

From the new window, users can select the desired folders to add to their Copilot prompt:

[What you need to do to prepare:]

This rollout will happen automatically by the specified date with no admin action required before or after the rollout. Review your current configuration to determine the impact for your organization. You may want to notify your users about this change and update any relevant documentation.

Learn more: Using Context IQ to refer to specific files, people, and more in Microsoft 365 Copilot – Microsoft Support (will be updated before rollout)

Updated March 24, 2025: We have updated the rollout timeline below. Thank you for your patience.

Coming soon for Microsoft Defender for Cloud Apps:

• A change to alerts generated by events originating from Defender for Cloud Apps that are generated in the Microsoft Defender XDR detection engine

This rollout aims to provide more accurate and precise information on the origin of these alerts, enabling customers to identify, manage, and respond to alerts more effectively.

[When this will happen:]

General Availability (GCC, GCC High, DoD, Production, DoD): We will begin rolling out early March 2025 and expect to complete by late May 2025 (previously early April).

[How this will affect your organization:]

We will change the field indicating the alert source in the alert data itself. Note: The rollout will only affect new alerts generated after the rollout and will not alter existing alerts.

This rollout will be reflected in all experiences where alerts are represented, including Incidents & alerts queues in the XDR portal, Advanced hunting, and the correlating APIs and SIEM systems.

In the Defender XDR portal, the change will be reflected in the Service sources field, replacing the current Microsoft Defender XDR values with the new value Defender for Cloud Apps. The detection sources will remain unchanged and will continue to indicate the detections are generated in the XDR detection engine.

The alert ID prepended characters of some of the alerts will also be changed to comply with the Defender XDR mapping.

Learn more about the different alert sources in Defender XDR in the Alert sources section of Investigate alerts in Microsoft Defender XDR – Microsoft Defender XDR | Microsoft Learn

In the Microsoft Graph API, Microsoft Defender for Endpoint streaming API, and the Microsoft Azure Events Hub, the change will be reflected in the alert resource type under the property serviceSource, and the previous values of microsoft365Defender will change to microsoftDefenderForCloudApps.

Learn more about the Graph API alert resource: alert resource type – Microsoft Graph v1.0 | Microsoft Learn

Learn more about Streaming API: Stream Microsoft Defender XDR events – Microsoft Defender XDR | Microsoft Learn

[What you need to do to prepare:]

This rollout will happen automatically by the specified date with no admin action required before the rollout.

Administrators should review and update any custom alert rules, playbooks, or automations involving the alerts mentioned above (Service sources = Microsoft Defender XDR and Detection sources = Defender XDR, to ensure they reflect the new value. You may also want to notify your users about this change and update any relevant documentation.

As a reminder, detection sources will remain unchanged, so if you only filter on detection sources, everything should continue to function as normal.