Microsoft Roadmap, messagecenter en blogs updates van 01-05-2024

The cloud.microsoft domain was provisioned in early 2023 to provide a unified, trusted, and dedicated DNS domain space to host Microsoft’s first party authenticated SaaS products and experiences. This post is to inform admins that the following Microsoft products and scenarios are now available at the cloud.microsoft domain, in parallel with the previous domains.

• Viva Engage (https://engage.cloud.microsoft)
• Viva Goals (https://goals.cloud.microsoft)
  
• Viva Pulse (https://pulse.cloud.microsoft)

A full list of product experiences already being delivered on this domain can be found here: Unified cloud.microsoft domain for Microsoft 365 apps – Microsoft 365 Enterprise | Microsoft Learn. 

[When this will happen:]

The services above are already available on cloud.microsoft, in parallel to their previous domains. You can expect the previous domains to be redirected to cloud.microsoft in the coming months.  

[How this will affect your organization:]

• The cloud.microsoft domain has been a part of standard Microsoft network guidance on domains and service endpoints since April 2023. If you are currently following this guidance, this change should not impact users in your organization using the above applications under the new domain.
• Users will be redirected to applications under cloud.microsoft domains gradually and automatically. No specific user action is required. Links to the previous domains are backwards compatible and continue to be supported. Users may notice that the new application domains are lacking the “.com” extension. This is by design, as “.microsoft” is Microsoft’s own top-level domain – and this exclusivity allows for additional security and protection against spoofing.

[What you need to do to prepare:]

• Educate users to recognize and expect cloud.microsoft as a key domain for Microsoft cloud experiences. You can refer them to What is cloud.microsoft? – Microsoft Support for more information.
• If your organizational websites, tools, or other materials reference the old URL, those links will be automatically redirected. However, it would be good practice to update those assets to avoid user confusion. 
• Partner with developers of in-house Teams apps – including those that run on Outlook and Microsoft 365 – to take the actions described in Action required: ensure your Microsoft Teams apps are ready for upcoming domain changes so the apps continue to function on the new domain. 
• Admins should ensure that connections to *.cloud.microsoft are not blocked from their clients and enterprise networks. This should require no action if standard Microsoft network guidance on domains and service endpoints is being followed.

Microsoft Purview: We’ve added new properties to the device onboarding page. These include the OS build, Defender Engine version, Defender client version, Sensitive data activity, Server DLP, First onboarded date, Advanced classification bandwidth usage exceeded, and Valid user. 

This message is associated with Microsoft 365 Roadmap ID 383737

[When this will happen:]

General Availability: We will begin rolling out early May 2024 and expect to complete by early May 2024.  

[How this will affect your organization:]

You’ll have access to new device details including OS build, Defender engine version, Defender client version, Sensitive data activity, Server DLP, First onboarded date, Advanced classification bandwidth usage exceeded, and Valid user.  

Figure 1:

Figure 2:

[What you need to do to prepare:]

No action is needed from you to prepare for this rollout. You may want to notify your admins about this change and update any relevant documentation as appropriate.

Note: If your organization does not support iOS, you can safely ignore this message.

Categories are coming soon for Microsoft Outlook for iOS.

[When this will happen:]

General Availability (Worldwide, GCC, GCC High, DoD): We will begin rolling out early May 2024 and expect to complete by mid-May 2024.

This feature is available now to Apple TestFlight customers.

[How this will affect your organization:]

Users will be able to see categories previously applied to messages and apply categories to emails they send and receive. Learn more: Use categories in Outlook – Microsoft Support

[What you need to do to prepare:]

No admin preparation necessary. You may want to notify your users about this change.

With this feature update, if both the Microsoft 365 app and the standalone apps for Microsoft Word, Microsoft Excel, or Microsoft PowerPoint are installed on a user’s mobile device, the standalone app will be given preference for opening its respective file type over the Microsoft 365 app.

[When this will happen:]

General Availability (Worldwide, GCC, GCCHigh, DoD): We will begin rolling out early June 2024 and expect to complete by mid-July 2024.

[How this will affect your organization:]

Currently in Microsoft Outlook for iOS and Android, if users have both the Microsoft 365 app and the standalone apps for Word, Excel, or PowerPoint installed on their device, users will be prompted in Outlook mobile to open the document with the Microsoft 365 app. With this change, the user will instead be prompted to use the standalone app that fits the document type. 

[What you need to do to prepare:]

Review the app management policies for your organization. If you currently restrict users to only the use of the Microsoft 365 app for document opening and editing, consider allowing the standalone apps for Word, Excel, and PowerPoint for use as well. You also may want to notify your users about this change and update your training and documentation as appropriate.

Microsoft Defender for office 365 Services now allows the execution of several response actions simultaneously through the Take action wizard in Threat Explorer/ Realtime detection.

Many Security analyst teams use Threat explorer to execute bulk email remediation actions, and we’re enhancing this capability with an improved Take action feature. This feature facilitates a more streamlined and efficient remediation of threats.

With the new Take action wizard, you can perform multiple actions such as purging emails, inline submissions, triggering investigations, and Tenant level block actions together with a single wizard up to 100 messages. Moreover, you can take Tenant level block URL/file actions directly from Threat explorer.

Alternatively, if you want to perform bulk email remediation for more than 100, this new wizard will enable you to do that in an organized manner.

Some of the actions are not available based on the current location of the message, but if there is a conflict, the new experience gives more options and power through toggle. SecOps can use toggle choices to turn them on/off as desired and take proper action.

This message is associated with Microsoft 365 Roadmap ID 393937

[When this will happen:]

General Availability (Worldwide): Rollout began in mid-April 2024 and expect to complete by late June 2024.

General Availability (GCC): We will begin rolling out mid-May 2024 and expect to complete by late June 2024.

[How this will affect your organization:]

If you are part of the Security Operations team and use Microsoft defender for Office 365 email remediation features, the following are the enhancements for the email entity page and email summary panel:

• Step 1: Log into the Microsoft 365 Defender portal at https://security.microsoft.com 
• Step 2: Navigate to Threat Explorer / Real time detection and select the desired emails.
• Step 3: Click on Take action. Please note that previously, the drop-down menu was called Message actions.
• A new panel will open (e.g. figure1). Some actions may be unavailable based on the message’s latest delivery location.
• Step 4: Click on “I’ve confirmed as threat” to see a new panel and select multiple entities to block. You can also select multiple entities to block. Please note that “Tenant level allow and block” (TABL) actions are under Submissions. 
• STEP 5: Select target entities.
• STEP 6: Review and submit your actions.

The available actions in the Take action wizard in Threat Explorer (Defender for Office 365 Plan 2) and Real-time detections (Defender for Office 365 Plan 1) are listed in the following:

Action under Threat explorer 

• Move to mailbox folder. 
• Submit to Microsoft for review. 
• Allow or block entries in the Tenant Allow/Block List³ 
• Initiate automated investigation. 
• Propose remediation. 

Action under Real-time Detections

• Submit to Microsoft for review.
• Allow or block entries in the Tenant Allow/Block List³ 

¹ This action requires the Search and Purge role in email & collaboration permissions. By default, this role is assigned only to the Data Investigator and Organization Management role groups. You can add users to those role groups, or you can create a new role group with the Search and Purge role assigned and add the users to the custom role group.

[What you need to do to prepare:]

To perform email purge actions from the email entity page, you are required to have the Search and Purge role, as well as the necessary permissions within the Microsoft 365 Defender portal.

Additional References:

• Learn more here: https://learn.microsoft.com/en-us/defender-office-365/threat-explorer-threat-hunting#remediate-using-take-action.

For Microsoft Teams webinars where event access is set to public, when an attendee registers, they are given the option to share the event link to social networking sites like Facebook and LinkedIn. This feature update provides the ability to disable this setting for public webinars. 

This message is associated with Microsoft 365 Roadmap ID 393225

[When this will happen:]

General Availability (Worldwide, GCC): We will begin rolling out early June 2024 and expect to complete by early July 2024.

[How this will affect your organization:]

Webinar organizers will have the ability to disable social sharing so that registrants will not have a direct social sharing option upon registration. A toggle in the Event Access settings in the Webinar details page will be available, and the organizer can select off to disable this option for the registrants.

[What you need to do to prepare:]

This rollout will happen automatically with no admin action required. You may want to notify your users about this change and update any relevant documentation as appropriate.

Coming soon: New indicators in Microsoft Purview | Insider Risk Management that use Microsoft Purview Communication Compliance policy matches to detect various communication risks, including inappropriate content and financial regulatory compliance violation breaches on channels like Microsoft Exchange, Microsoft Teams, Microsoft Viva Engage, Microsoft Copilot for Microsoft 365, or third-party channels.

This message is associated with Microsoft 365 Roadmap ID 382106.

[When this will happen:]

Public Preview: We will begin rolling out mid-May 2024 and expect to complete by late May 2024.

General Availability Worldwide: We will begin rolling out early June 2024 and expect to complete by late June 2024.

[How this will affect your organization:]

Often risky activities are not isolated events. Such activities are often followed by or occur with counterproductive workplace behavior. Determining whether these activities are inadvertent or intentional can be difficult. However, this new integration update makes Communication Compliance indicators available within Insider Risk Management, empowering risk teams to better differentiate intents and further detect risky actors.

Organizations can use these new indicators in data theft and data leaks policies. Messages with communication risks like inappropriate content or financial regulatory content are scored for risk and presented as insights in the Alert timeline, User activity, and Activity explorer.

The new indicators are off by default and can be enabled in Insider Risk Management settings.

Configure communication compliance indicators in Insider Risk Management settings:

Insider Risk Management alert with communication risks insights at Insider risk management > Alerts > [Alert Name]:

[What you need to do to prepare:]

Insider Risk admins with appropriate permissions can opt into these new indicators in the new Microsoft Purview portal (https://purview.microsoft.com/) or in the Purview compliance portal (https://purview.microsoft.com/) at Insider Risk Management settings.

This rollout will happen automatically by the specified date with no admin action required before the rollout. You may want to notify your admins about this change and update any relevant documentation as appropriate.

Microsoft Purview Insider Risk Management correlates various signals to identify potential malicious or inadvertent insider risks, such as IP theft, data leakage, and security violations. Insider Risk Management enables customers to create policies based on their own internal policies, governance, and organizational requirements. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to help ensure user-level privacy.

Learn more: Configure policy indicators in insider risk management | Microsoft Learn

We recently rolled out two changes to the Microsoft Copilot Dashboard in Microsoft Viva Insights:

• For customers with a Microsoft 365 or Office 365 subscription, the Copilot Dashboard displays tenant-level metrics. With this rollout, we removed the minimum group size requirement for tenant level aggregated metrics. Before this rollout, users could only view tenant-level aggregated metrics with at least 25 active employees.
• Additionally, for customers with a Viva or a Viva Insights subscription, the Adoption and Impact pages on Copilot dashboard display user-level metrics with the ability to drill down further. These metrics are displayed for groups that meet or exceed the minimum group size set by your Viva Insights administrator. The default value for this threshold is now updated from 25 to 10. In addition, Viva Insights administrator can further configure this threshold with a minimum of 5.

[When this will happen:]

Available now.

[How this will affect your organization:]

End users who have access to the Copilot Dashboard are now able to:

• See the aggregated tenant-level insights without minimum group size requirements.
• See the aggregated user-level insights based on the updated minimum group size threshold that the Viva Insights admin set. User-level insights in the Copilot Dashboard are only available to customers with a Viva Insights subscription.

[What you need to do to prepare:]

Minimum group size helps protect individual privacy. Review and assess the impact for your organization. The Viva Insights administrator can choose to update this threshold in the Viva Insights advanced insights app. This setting will impact the aggregated user-level metrics in the Copilot Dashboard. In addition, this minimum group size setting applies to data visualizations in advanced insights Power BI templates as well as group comparisons in organization insights for leaders and managers in Outlook and Teams.

You might consider updating your training and documentation as appropriate. Learn more about minimum group size, the Copilot Dashboard and the minimum group size setting for Insights administrators.

If you have access to the Copilot Dashboard, you can find it in Microsoft Teams for desktop or web.

This rollout will happen automatically by the specified date with no administrator action required before the rollout. You may want to notify your users about this change and update any relevant documentation as appropriate.

Your Microsoft Intune account has been updated to the latest service build.

How does this affect me?

You will see the service release number updated in the Tenant Status blade of the Intune console soon. We’ve introduced some changes that we’re excited for you to try out.

What do I need to do to prepare for this change?

Click additional information below to learn more about what’s new in this service release. We’ll continue to update the What’s new page with any features that are released between now and the next monthly service update. Learn more by reviewing features highlighted in the latest Intune What’s new 2404(April) Blog and how the Intune service updates each month is described in the Microsoft Intune Service Updates Blog. 

Additional Information:

Intune What’s new

Intune What’s new 2404(April) Blog

Staying up to date on Intune new features, service changes, and service health

Coming soon for tenants with Microsoft Copilot for Microsoft 365 licenses: Chat with Copilot in Microsoft Outlook. In this version, Microsoft Copilot in Outlook will be graph grounded, meaning that it will have the ability to respond based on find information and documents inside your organization that are stored in the Microsoft cloud. This rollout applies to new Outlook for Windows and Outlook on the web.

This message is associated with Microsoft 365 Roadmap ID 388495.

[When this will happen:]

General Availability (Worldwide): We will begin rolling out late April 2024 and expect to complete by mid-May 2024.

[How this will affect your organization:]

Enterprise graph grounding will be enabled by default for all requests to Copilot, and a request will use the file context (document, spreadsheet, page) as well as Enterprise content. The search will perform the same request that happens in Microsoft 365 Chat and adhere to all of the same policies, such as excluding sites and only presenting results for what the user has access to.

Graph search will adhere to your organization’s current search policies and only has access to what users have access to. For more information see Ignite 2023 – A look ahead for Microsoft 365 admins – Microsoft Community Hub. For more information about Microsoft Copilot, please visit Microsoft Copilot for Microsoft 365 documentation | Microsoft Learn.

After rollout, users will select the Copilot icon at the top of the Outlook window to open the Copilot panel on the right of the screen where they can type questions and receive responses from Copilot. For more details, refer users to Frequently asked questions about Copilot in Outlook – Microsoft Support

[What you need to do to prepare:]

This rollout will happen automatically by the specified date with no admin action required before the rollout. Chat with Copilot in Outlook is on by default and cannot be turned off at the admin or user level. You may want to notify your users about this change and update any relevant documentation as appropriate.

Coming soon, Microsoft Purview Insider Risk Management will be rolling out public preview of granular trigger throttling limits.

This message is associated with Microsoft 365 Roadmap ID 382130.

[When this will happen:]

Public Preview: We will begin rolling out late May 2024 and expect to complete by mid-June 2024.

General Availability: We will begin rolling out late December 2024 and expect to complete by late December 2024.

[How this will affect your organization:]

With this update, we are introducing more granular trigger throttling limits to isolate the impact of a surge in noisy trigger volumes and prevent other policies from being affected. This ensures that organizations can receive critical alerts without being throttled by these limits. By default, these throttling limits will be applied:

• All sensitive triggers, including HR signals, Azure AD leavers, and custom triggers, will be limited to 15,000 per day per trigger.
• All other triggers will be limited to 5,000 per day per trigger.

Additionally, the policy health warning messages will be enhanced to assist admins with appropriate permissions in effectively identifying and addressing noisy triggers.

[What you need to do to prepare:]

No action is needed from you to prepare for this rollout. You may want to notify your admins about this change and update any relevant documentation as appropriate.

Microsoft Purview Insider Risk Management correlates various signals to identify potential malicious or inadvertent insider risks, such as IP theft, data leakage, and security violations. Insider Risk Management enables customers to create policies based on their own internal policies, governance, and organizational requirements. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to help ensure user-level privacy.

You can access the Insider Risk Management solution in the Microsoft Purview compliance portal.

Learn more: Insider risk management | Microsoft Learn

We've released updates to the following update channel for Microsoft 365 Apps:

• Current Channel

[When this will happen:]

We'll be gradually rolling out this update of Microsoft 365 Apps to users on that update channel starting April 29th, 2024 (PST).

[How this will affect your organization:]

If your Microsoft 365 Apps clients are configured to automatically update from the Office Content Delivery Network (CDN), then no action is required.

If you manage updates directly you can now download this latest update and begin deployment.

[What you need to do to prepare:]

To get more details about this update view the following release notes:

• Current Channel

Version history, a critical part of Microsoft SharePoint’s built-in data protection, tells users how a file has evolved over time. Users can easily revert to an older version if business needs change or if files are damaged by user error or malware. Version storage controls allow you as admins to set an appropriate level of recoverability and auditability for your organization. Based on strong customer feedback, we will release enhanced version storage controls so you can meet your needs efficiently and at scale.

This message is associated with Microsoft 365 Roadmap ID 145802.

[When this will happen:]

Public Preview: We will begin rolling out early May 2024 and expect to complete by late June 2024. Admins can opt into the Public Preview by running the SharePoint Online Management PowerShell cmdlet Set-SPOTenant -EnableVersionExpirationSetting $true. Please make sure that your SharePoint Online Management Shell is updated to version 16.0.24810.12000 or higher so you can run the specified cmdlets. For guidance, refer to Get started with the SharePoint Online Management Shell.

General Availability (Worldwide): We will begin rolling out late August 2024 and expect to complete by mid-October 2024.

[How this will affect your organization:]

What’s New?

We are introducing new version controls that help admins and content owners reduce storage footprint driven by low value file versions. Previously, document library owners could set count-based version limits at the library level. With this rollout, we are introducing new automatic version limits that consider important factors such as age and restore probability to offer more intelligent version deleting options. We’re also adding manual settings for version expiration and count limits.

Here is a summary of the new capabilities introduced with this rollout:

• New Version history limit options to meet your organization’s recovery objectives and version storage targets. Set version limits to:
  • Automatically optimize version recovery and storage without estimating limits; or
  • Manually limit versions by count or version age.
• Set default organization Version history limits on new document libraries and Microsoft OneDrive accounts for consistent version storage setting on all new libraries and OneDrive accounts created through the organization.
• Set Site or Library level Version history limits to meet specific content needs by breaking inheritance from organization defaults.
• Report on version storage use of a site or library by generating a CSV report to analyze current usage trends or impact analysis.
• Delete versions from a site or library to reduce existing version storage footprint or align with new limits.

After this rollout completes, you can expect these changes:

1. New Version history limits settings in SharePoint admin center: Admins can set global defaults for all new libraries created in the organization. By default, the organization-level Version history limit will be set to Manually delete versions. Within the Manual limits, the default Number of major versions is set to 500 and the Time period is set to Never expire.

2. New Version time limit setting for Document libraries: In addition to existing Version count limits, users can set Version time limits to delete versions based on age. Version time limits will be on the library’s Version settings page. No change will be made to existing version limits applied to the library.

3. New Expiring in column on a file’s Version history view: Users will be able to:

• View an expiration applied to a file’s versions based on the library settings
• Set individual file versions to never expire

[What you need to do to prepare:]

Review updated documentation:

• Admin documentation: Overview of Version History Limits for Document Libraries and OneDrive
• End user documentation: Enable and configure versioning for a list or library

To send feedback or questions about this change, select Like or Dislike at the top of this message in the Microsoft 365 message center.

• Access Windows known issues and product lifecycle information with Microsoft Graph API. 
• Expedite non-security updates. 
• Use Microsoft Copilot for Security to explore Entra audit and diagnostic logs, obtain usage reporting, and more.  
• Try Copilot in Intune to get tips on settings, summarize policies, and more. 
• Try Windows Server 2025 and hotpatching for Windows Server 2022. 

• Windows IT Pro Blog 
• What’s new in Windows Server 2025 | Windows Server Summit 2024 (microsoft.com) 
• Microsoft Copilot for Security is generally available on April 1, 2024