Microsoft Roadmap, messagecenter en blogs updates van 13-04-2024

Updated April 11, 2024: We have updated the content to reflect the change to Viva Engage. Thank you for your patience.

Non-Native and Hybrid Microsoft Viva Engage (formerly Yammer) Networks will be upgraded to Native Mode to allow users, groups, and content to be compatible with and mapped to their counterparts in Azure Active Directory and Microsoft 365. Native Mode also provides other benefits, such as the ability to host Live Events in every Viva Engage community and simplify file administration through SharePoint. Most critically, Native Mode supports eDiscovery through the Microsoft Purview compliance portal, allowing your organization to collaborate safely and securely within your Viva Engage network. 90% of Viva Engage networks are in Native Mode today, including our top 10 largest networks.

[When this will happen:]

We will begin migrating networks on December 01, 2022, and continue the upgrades through late December 2024 (previously January). The process will begin with smaller networks. If you prefer to control the timing of your upgrade, you may initiate the process on your own at any time by visiting the Microsoft 365 Native Mode page within the Network Admin pages of Viva Engage.

[How this will affect your organization:]

You will lose access to the following features:

• Network-level guests
• Email blocked lists
• Secret groups

If your organization has active guest users, Azure Active Directory B2B guest functionality can be used for guests who reside in the same geography as the Viva Engage network (US guests for US networks; EU guests for EU networks). Guests will need to be reinvited to your network.

If your organization currently uses an email blocked list to manage access to your Viva Engage network, you can continue to manage access from the Azure Active Directory Portal. Learn more by visiting Add, block, or remove a Viva Engage user and Manage Viva Engage Core user licenses in Microsoft 365.

These feature equivalents are only available to networks in Native Mode. There is no feature equivalent to secret groups in Microsoft 365; all groups must be public or private.

As part of the migration process, the Viva Engage administrator account will be added to all groups in the network, and files may be renamed.

[What you need to do to prepare:]

If you would like to self-initiate your migration:

• There is a step-by-step guide to Native Mode migration available. You can run an alignment report that will identify gaps in your current network alignment with Native Mode. It is critical that you back up your network’s data and communicate the migration to your users prior to running the Alignment Tool mentioned in the guide, as some data may be deleted during the process.

If you would like Microsoft to initiate your migration:

• You are not required to take any action. You can run an alignment report that will identify gaps in your current network alignment with Native Mode. It is strongly recommended that you back up your data and communicate the migration to your users prior to your scheduled migration start date. If your alignment report reveals any blockers to migration, you can log an exception with support.

If you need to postpone or schedule your migration around blackout dates:

• Contact Microsoft 365 support to log an exception.  

Please click Additional Information to learn more.

Updated April 12, 2024: This update serves as a reminder regarding the upcoming retirement scheduled for April 2, 2026.

Since the release of SharePoint workflows, Microsoft has evolved workflow orchestration to not only encompass SharePoint, but all the productivity services you use with Microsoft 365 and beyond. With the continued investment in Power Automate as the universal solution to workflow, Microsoft is retiring SharePoint 2013 workflows.

[When this will happen:]

• Starting April 2nd, 2024, SharePoint 2013 workflows will be turned off for any newly created tenants.
• Starting April 2nd, 2026, Microsoft will remove the ability to run, or create and execute SharePoint 2013 workflows for existing tenants.

[How this will affect your organization]

If your organization still uses SharePoint 2013 workflows, they will no longer function after April 2nd, 2026. We recommend customers to move to Power Automate or other supported solutions.

[What you need to do to prepare]

You will want to notify your users, workflow developers and site owners. Update your user training and prepare your help desk.

For admins

• Use the Microsoft 365 Assessment tool to scan your tenants for legacy workflow usage.
• Review Guidance: Migrate from classic workflows to Power Automate flows in SharePoint
• Review the Power Automate resources as a solution to legacy workflows.

Note: There will not be an option to extend SharePoint 2013 workflow beyond April 2nd 2026.

Learn more:

• Detailed support article with additional resources. 
  

Updated April 12, 2024: This update serves as a reminder regarding the upcoming retirement scheduled for April 2, 2026.

Since the first use of Azure ACS (Access Control Services) by SharePoint in 2013, Microsoft has evolved the authorization and authentication options for SharePoint Online via Microsoft Entra ID (a.k.a. Azure AD). Using Microsoft Entra ID as auth platform for your SharePoint Online customizations will provide your applications the most secure, compliant and future proof model. With our continued investment in Microsoft Entra ID, Microsoft is retiring the use of Azure ACS as auth platform for SharePoint Online.

[Key Points:]

• Major: Retirement
• Timeline:
  • Starting November 1st, 2024, new tenants will not be able use Azure ACS.
  • Starting April 2, 2026, Microsoft will remove the ability use SharePoint ACS for existing tenants.
• Action: Review and assess impact

[How this will affect your organization]

If your organization still uses Azure ACS to grant custom developed or third party applications access to SharePoint Online, they will no longer have access after April 2nd, 2026. We recommend customers to update their customizations to use Microsoft Entra ID and ask their solution vendors to do the same.

[What you need to do to prepare]

You will want to notify your Azure ACS users and developers. Update your user training and prepare your help desk.

For admins

• Use the Microsoft 365 Assessment tool to scan your tenants for Azure ACS usage.
• Review the guidance for migrating from Azure ACS to Microsoft Entra ID.
• There will not be an option to extend Azure ACS usage for SharePoint Online beyond April 2nd 2026.

Learn more

• Support update for the retirement of Azure ACS for SharePoint Online in Microsoft 365.

Updated April 12, 2024: This update serves as a reminder regarding the upcoming retirement scheduled for April 2, 2026.

Since the release of SharePoint Add-Ins in 2013, Microsoft has evolved SharePoint extensibility using SharePoint Framework (SPFx) enabling you to write applications that can be used in Microsoft SharePoint, Viva Connections and Microsoft Teams. With our continued investment in SharePoint Framework, Microsoft is retiring SharePoint Add-Ins.

[Key Points:]

• Major: Retirement 
• Timeline:
  • Starting July 1st, 2024, SharePoint Add-Ins cannot be installed from the public marketplace, also referred to as store by existing tenants. Installation from a private tenant catalog stays possible.
  • Starting November 1st, 2024, new tenants will not be able use SharePoint Add-Ins, regardless of their origin (public marketplace, private tenant catalog).
  • Starting April 2nd, 2026, Microsoft will remove the ability use SharePoint Add-Ins for existing tenants.
• Action: Review and assess impact

[How this will affect your organization]

If your organization still uses SharePoint Add-Ins, they will no longer function after April 2nd, 2026. We recommend customers to port their customizations to SharePoint Framework (SPFx) and ask their solution vendors for updated solutions.

[What you need to do to prepare]

You will want to notify your Add-In users and developers. Update your user training and prepare your help desk.

For admins

• Use the Microsoft 365 Assessment tool to scan your tenants for SharePoint Add-In usage.
• Review the guidance for migrating from SharePoint Add-Ins to SharePoint Framework.
• There will not be an option to extend SharePoint Add-Ins beyond April 2nd 2026.

Learn more

• Support update for the retirement of SharePoint Add-Ins in Microsoft 365.

Updated April 12, 2024: We have updated the rollout timeline below. Thank you for your patience.

For a paused or completed project where owners want to preserve channel content, but no longer want to keep the channel active, they can archive channels now!

Archiving channels will be available for Teams users. You, as a channel owner or administrator can archive a channel you own. By archiving the channel, it will not be available in your and channel members teams and channels list anymore and no more actions will be allowed on the channel like messaging, reacting, commenting, editing etc. In case, you want, you can unarchive the channel as well, by going to manage teams > channels. Team members can hoist the channel in their left rail even after archival.

This message is associated with Microsoft 365 Roadmap ID 123769

[When this will happen:]

Targeted Release: We will begin rolling out late February 2024 (previously early February) and expect to complete by mid-March 2024 (previously mid-February).

Worldwide: We will begin rolling out mid-March 2024 (previously mid-February) and expect to complete by late April 2024 (previously early April).

[How this will affect your organization:]

Channel owners and administrators can now archive channels to avoid any activity on them and can restore if needed. Channel members will not be able to take actions on the channel like messaging, reacting, commenting, editing etc., but they can still access and read through the channel content. 

[What you need to do to prepare:]

Communicate teams and channel owners to utilize archive channel capability to keep the channel in read-only mode. 

Updated April 12, 2024: We have updated the timing of the “Defender Platform for Office 365” Service Plan availability to late July 2024. Thank you for your patience.

Microsoft Defender XDR unified role-based access control (URBAC) provides an alternative to traditional Microsoft Defender for Office 365 (MDO/EOP) and Exchange Online (EXO) RBAC.

[When this will happen:]

Microsoft Defender XDR unified role-based access control (URBAC) is generally available. 
The “Defender Platform for Office 365” Service Plan will start rolling out in late July 2024.

[How this will affect your organization:]

Microsoft Defender XDR unified role-based access control (URBAC) enables organizations to configure a single set of permissions for their security teams that work for Defender for Office, as well as the other Defender solutions. URBAC is currently in opt-in mode. 
The new Service Plan has no impact on your organization. 

[What you need to do to prepare:]

Microsoft Defender XDR unified role-based access control (URBAC) provides an alternative to traditional Microsoft Defender for Office 365 (MDO/EOP) and Exchange Online (EXO) RBAC. By default, there are no changes to your security portal permissions. If you want to enable Unified RBAC, then you must first configure the new URBAC roles for your organization. Once you have configured these roles, then you can enable use of URBAC for ‘Microsoft Defender for Office’ permissions and/or ‘Exchange Online’ permissions. Doing so replaces your existing RBAC with the new roles. You can find more information over here – Microsoft 365 Defender Unified role-based access control (RBAC) | Microsoft Learn. 

Unified RBAC provides an import roles wizard which will help migrate the permissions from your Microsoft Defender for Office 365 role groups. It will create URBAC role groups with permissions that mirror the legacy permissions and groups you have already set up. It will not migrate/replicate Exchange Online permissions – these will require manual configuration in URBAC role groups. 

Please note that URBAC will continue to respect existing Microsoft Entra global roles when you activate the Microsoft Defender XDR Unified RBAC model for Defender for Office 365. i.e. Global Admins and Security Admins will retain assigned admin privileges.

Updated April 12, 2024: We have updated the rollout timeline below. Thank you for your patience.

Microsoft Teams Phone Mobile will now support group calls and meeting nudges when a call is answered on a native dialer.

This message is associated with Microsoft 365 Roadmap ID 381428.

[When this will happen:]

Worldwide, GCC: We will begin rolling out early March 2024 and expect to complete by late April 2024 (previously late March).

[How this will affect your organization:]

Users will now have group calls and meeting nudges available when a call is answered on a native dialer.

[What you need to do to prepare:]

No action is needed to prepare for this change. You may want to notify your users about this change and update any relevant documentation as appropriate.

Learn more: Configure Teams Phone Mobile – Microsoft Teams | Microsoft Learn

Updated April 12, 2024: We have updated the rollout timeline below. Thank you for your patience.

In Microsoft Teams Admin Center (TAC), we are introducing a feature update to the export functionality for External Domain Activity reports. 

Previously, this report was not exportable. Now, the report can be exported to .csv files where admins can view and manipulate the raw data so that they can show the data to other stakeholders in their organization, visualize the data, write scripts based on the data, and more.

This message is associated with Microsoft 365 Roadmap ID 382642

[When this will happen:]

Standard Release: We expect rollout to begin and end in late April 2024 (previously late March).

[How this will affect your organization:]

Inactive teams and inactive external domains reports are available in Teams Admin Center through Usage reports. Admins can export the reports by clicking the Excel icon at the top of the report. This report will not affect end users. 

[What you need to do to prepare:]

There is no action needed to prepare for this change. You may want to notify your users about this change and update any relevant documentation as appropriate.

Updated April 12, 2024: We have updated the rollout timeline below. Thank you for your patience.

We’re refreshing the file creation experience in OneDrive for the web. Soon, when you select the Add new button, you will have the option to create a new blank file or to choose from high-quality, beautifully designed templates in Microsoft Word, Excel and PowerPoint to jumpstart your work. You’ll also be able to create new files using your company templates.

This message is associated with Microsoft 365 Roadmap ID 363474.

[When this will happen:]

Note: Some users may see these features before other users within the same organization.

Targeted Release: We will begin rolling out early March and expect to complete by late March 2024.

General Availability (Worldwide): We will begin rolling out late March and expect to complete by early May 2024 (previously mid-April).

[How this will affect your organization:]

When this change rolls out, you’ll see a refreshed experience when you select Add New in OneDrive for the web. You’ll continue to be able to upload files and folders and create new files and folders, just as before. Now you’ll also be able to create new files from templates and easily choose where your new files will be stored.

Create with templates

We’ve designed and curated a vast selection of templates to help you and your users get a jump start on work. You can browse templates by category (for example, Presentations) or search for a specific template. You can preview each template and create a new file from it in one click or navigate to the template details page for more information.

If your tenant has templates stored in an organizational asset library, these templates also will be available. You’ll see a separate category for your tenant’s templates listed after the Recommended category.

Select a Location

You can choose where your new file is created with a simple dropdown. The default location will continue to be My files, but you can select a new location if you want to create in a specific folder or in a Document library in Quick access. If you’ve selected Add New from inside a folder, the new file will be created in that folder.

[What you need to do to prepare:]

No action is needed from admins to prepare for this rollout. You may want to notify your users about this change and update any relevant documentation as appropriate.

Learn more: Create an organization assets library – SharePoint in Microsoft 365 | Microsoft Learn

Updated April 12, 2024: We have updated the rollout timeline below. Thank you for your patience.

We will be releasing two Out of Box Experience (OOBE) reports for leaders in the Microsoft Viva Insights app in Microsoft Teams with the following themes:

• New hire onboarding and integration
• External focus for leaders

Note that leaders are defined as users who have been assigned the group manager role in Viva Insights and have a span of control of at least 9 licensed users.

This message is associated with Microsoft 365 Roadmap ID 164211.

[When this will happen:]

Worldwide:

• External Focus Report: We will begin rolling out in late March 2024 and expect to complete by mid-April 2024.
• New Hire Onboarding Report: We will begin rolling out in late April 2024 and expect to complete by early May 2024.

[How this will affect your organization:]

Details regarding the two new reports are as follows:

• New Hire Onboarding and Integration: This report helps leaders understand the onboarding experience of new hires as well as the transition for employees who have started in a new role within the company. The report also identifies opportunities to improve the onboarding and professional development experience.
  
  
• External Focus: This report helps leaders understand how employees are managing external relationships and how different parts of the company may have been impacted by business shifts. Information from this report can help leaders improve their strategies for communicating and collaborating with external groups.

The left-hand navigation will be updated to highlight this new value.

[What you need to do to prepare:]

Review and assess the impact for your organization. 

Learn more details about the Leader reports.

Additionally, you may want to notify your users about this change and update any relevant documentation as appropriate. 

Updated April 12, 2024: We have updated the rollout timeline below. Thank you for your patience.

Microsoft Whiteboard will provide the ability to @mention users from within a comment. 

This message is associated with Microsoft 365 Roadmap IDs 164888 and 164889.

[When this will happen:]

Worldwide: We will begin rolling out in late April 2024 (previously early April) and expect to complete by late May 2024 (previously late April). 

[How this will affect your organization:]

When using Microsoft Whiteboard, users will be able to @mention other users within their tenant inside of a comment. The flow will look and feel similar to other Microsoft Office applications such as Word, Excel, and PowerPoint. The user will type an @ symbol followed by the name of the user they would like to @mention in the text of a comment.  

If the @mentioned user is not actively using Whiteboard then they will be sent a notification via email and via the Microsoft Outlook notification bell. Inside of Whiteboard, the @mentioned user will see a blue @mention badge on the comment in which they are mentioned.  

Additional things to note: 

• Users will be shown a teaching callout within Whiteboard to inform them of the new @mention feature.  
• Similar to the blue @mention badge, users will see a new red badge on comments that will display the number of replies in that comment thread that they have yet to read.  

[What you need to do to prepare:]

This rollout will happen automatically by the specified date with no admin action required. You may want to notify your users about this change and update any relevant documentation as appropriate.

Updated April 12, 2024: We have updated the rollout timeline below. Thank you for your patience.

Coming soon: We are excited to announce that the Microsoft Teams meeting policies for Copilot will be enforceable. You will be able to require Copilot to be used with a standard transcript that is retained after the meeting ends. Before the rollout, meeting organizers could override any Copilot meeting policies. We have also refreshed the Copilot controls in the Teams admin center (TAC) and the meeting options with new wording and descriptions that help clarify what each setting does for you and your users. The new meeting option values are designed to separate Copilot from transcription, making it easier for meeting organizers to understand exactly how Copilot works during and after a meeting.

[When this will happen:]

General Availability (Worldwide): We will begin rolling out late April 2024 and expect to complete rollout by early May 2024.

[How this will affect your organization:]

Before the rollout, the TAC Copilot setting options were:

Copilot

• On with transcript
• On

These options set the defaults for Copilot in meetings.

After the rollout, the TAC Copilot setting options will be:

Copilot

• On only with transcript
• On

If On only with transcript is selected, users with this policy assigned will only be able to organize meetings in which Copilot requires standard transcription to be turned on. 

Before the rollout, the Copilot meeting options were:

Copilot

• Without transcription
• With transcription

After the rollout, the Copilot meeting options will be:

Allow Copilot

• Only during the meeting
• During and after the meeting

The new meeting options are functionally the same as before the rollout. Learn more at Use Copilot without recording a Teams meeting – Microsoft Support.

How these controls work together

• If you set Copilot to On only with transcription, then the Copilot meeting option will be locked to During and after the meeting for meeting organizers. For Copilot to be used, transcription must be activated by a meeting participant with permission to transcribe.
  
• If you set Copilot to On, then the Copilot meeting option will be Only during the meeting by default. Meeting organizers can change the meeting option value to During and after the meeting to require transcription to be turned on for Copilot.
  

[What you need to do to prepare:]

If you want to allow users to use Copilot without turning on transcription, you must change the Copilot meeting policy value to On in the TAC.

This rollout will happen automatically by the specified date with no admin action required before the rollout. You may want to notify your users about this change and update any relevant documentation as appropriate.

Learn more

• For admins: Manage Copilot for Microsoft Teams meetings and events – Microsoft Teams | Microsoft Learn (We will update this comm before rollout with revised documentation.)
• For users: Use Copilot without recording a Teams meeting – Microsoft Support

In Microsoft Teams, collaborative annotations enable meeting participants with the presenter role to enable annotations after sharing their screen. This allows everyone in the meeting to draw, add a note, react, highlight text, and more to share their thoughts right on the content, live with everyone else. Participants sharing their screen will have the ability to save content with collaborative annotations as a Microsoft Whiteboard, enabling all meeting participants to revisit this content and continue collaborating after the meeting.

This message is associated with Microsoft 365 Roadmap ID 109573

[When this will happen:]

General Availability (Worldwide, GCC, GCC High, DoD): We will begin rolling out in late May 2024 and expect to complete by late June 2024.

[How this will affect your organization:]

Saving meeting content with collaborative annotations as a Whiteboard is available on desktop (Microsoft Windows and Mac). When users who share their screen in Teams meetings and select Start annotation in the presenter toolbar, they will see a new Save button in the Whiteboard toolbar that will allow users to capture all annotations from the meeting in one Whiteboard file. 

Capture your annotations and view them in the Whiteboard: 

View all your saved snapshots from the meeting in a Whiteboard:

[What you need to do to prepare:]

This rollout will happen automatically by the specified dates with no admin action required before the rollout. You may want to notify your users about this change and update any relevant documentation as appropriate. 

Learn more: Use annotation while sharing your screen in Microsoft Teams – Microsoft Support (We will update this comm before rollout with revised documentation)

Watch: How to use Collaborative Annotations in a Microsoft Teams meeting (2022)

Coming soon for Microsoft Viva Goals: Check-In templates will allow team owners in Viva Goals to specify a template for check-ins in new teams that they manage.

When a goal owner on the team starts a check-in, the template will be applied automatically.

This message is associated with Microsoft 365 Roadmap ID 375201.

[When this will happen:]

General Availability (Worldwide): We will begin rolling out late April 2024 and expect to complete by late April 2024.

[How this will affect your organization:]

Existing teams in a Viva Goals organization will have the feature turned off. Team owners can turn on the feature in Team settings > Check-ins > Check-in note template.

New teams will have the check-in template turned on by default. The template will ask for Highlights, Lowlights, and Learnings on each check-in.

[What you need to do to prepare:]

This feature is turned on only for new teams, so communication to existing teams is not necessary unless you want to evangelize the feature.

This rollout will happen automatically by the specified date with no admin action required before the rollout. You may want to update any relevant documentation as appropriate.

To learn more about Microsoft’s own review of this product with its works councils, please consider reading: Viva Goals Works Council Approval at Microsoft 

Coming soon: We will enhance the Recommend feature in Microsoft Viva Learning with the ability to recommend content to user groups.

This message is associated with Microsoft 365 Roadmap ID 118677.

[When this will happen:]

General Availability (Worldwide): We will begin rolling out early April 2024 and expect to complete by late April 2024.

[How this will affect your organization:]

Users with Viva Learning licenses can now recommend courses to existing Microsoft 365 groups, security groups or distribution lists.

Learn more: Recommend and manage content in Viva Learning – Microsoft Support (We will update this comm before rollout with revised documentation.)

[What you need to do to prepare:]

This rollout will happen automatically by the specified date with no admin action required before the rollout. You may want to notify your users about this change and update any relevant documentation as appropriate.

As announced in MC541158 (April 2023) the Azure Information Protection (AIP) Unified Labeling add-in for Office is retired on April 11th, 2024.

[When this will happen:]

Important retirement milestones are:

• April 11th, 2024 – New Client: Release of the Microsoft Purview Information Protection client for preview on the Microsoft Download Center. This client version 3.0 does not include the AIP Add-in for Office. To continue using the Information Protection Scanner, Viewer and File Labeler, your organization must upgrade and deploy the new client package.
• April 11th, 2024 – Previous Client: AIP Unified Labeling add-in is retired and no longer in support. Extensions to continue using the AIP add-in are granted on a case-to-case basis; please reach out to Microsoft Support or your account team.
• May 2024: AIP Unified Labeling add-in permanently disabled in Office. AIP Unified Labeling add-in for Office clients will be blocked from using the add-in and download of label policy will fail for all clients without extensions.

[How this will affect your organization:]

You are receiving this message because your organization owns one or more licenses for Azure Information Protection. To continue using sensitivity labels powered by Microsoft Purview Information Protection in Office applications, you must transition to the built-in labeling experience in Microsoft 365 Apps.

[What you need to do to prepare:]

For detailed migration steps, refer to our playbook: From bolt-on to built-in – Migrate from Azure Information Protection Add-in.

For the announcement and FAQs of the retirement, refer to our blog: Retirement notification for the Azure Information Protection Unified Labeling add-in for Office.

In Microsoft Purview Audit, the Search-UnifiedAuditLog cmdlet in Microsoft Exchange Online PowerShell is used to retrieve Audit logs from a specific date range or filtered results based on specified criteria. Very large queries aimed at retrieving a large number of audit records are susceptible to timeouts and may miss some results. With this new feature, we are introducing the HighCompleteness parameter to the cmdlet.

Please note that using this parameter can result in results being returned more slowly.

This message is associated with Microsoft 365 Roadmap ID 388735.

[When this will happen:]

General Availability (Worldwide, GCC, GCC High, DOD): We will begin rolling out early May 2024 and expect to complete by late May 2024.

[How this will affect your organization:]

When enabled, the HighCompleteness parameter will provide a more exhaustive and comprehensive set of audit log records by prioritizing completeness of search results over speed of retrieval. When disabled, the query runs faster but may have missing search results.

There will be no immediate impact to your existing use of Search-UnifiedAuditLog. To use the new HighCompleteness parameter, please refer to this sample request:

Search-UnifiedAuditLog -StartDate 5/1/2023 -EndDate 5/2/2023 -HighCompleteness true

Learn more: Search-UnifiedAuditLog (ExchangePowerShell) | Microsoft Learn

[What you need to do to prepare:]

This rollout will happen automatically by the specified date with no admin action required. You may want to notify your users about this change and update any relevant documentation as appropriate.

• April 9, 2024: Initial deployment phase started with the release of the April 2024 security update.
• October 15, 2024: The Enforced by Default phase starts where Windows domain controllers and clients will move to Enforced mode. Note that during that during this phase, the Enforced by Default settings can be overridden by an Administrator to revert to Compatibility mode.
• April 8, 2025: Enforcement phase begins with no option to revert the new secure behavior.

1. UPDATE: Windows domain controllers and Windows clients must be updated with a Windows security update released on or after April 9, 2024.
2. MONITOR: Audit events will be visible in Compatibility mode to identify devices not updated.
3. ENABLE: After Enforcement mode is fully enabled in your environment, the vulnerabilities described in CVE-2024-26248 and CVE-2024-29056 will be mitigated.

• KB5037754: How to manage PAC Validation changes related to CVE-2024-26248 and CVE-2024-29056
• KB5020805: How to manage Kerberos protocol changes related to CVE-2022-37967