Microsoft Roadmap, messagecenter en blogs updates van 31-01-2025

Updated January 30, 2025: We have updated the rollout timeline below. Thank you for your patience.

We’re changing the way Outlook for iOS authenticates users with the Authenticator mobile app integration to match Outlook for Android. Currently in Outlook for iOS users are required to tap a button called “Open Authenticator” to initiate the Authenticator app authentication flow. In Outlook for Android this flow opens automatically without requiring the user to tap a button. We will now be matching that behavior in iOS so the user no longer has to tap the “Open Authenticator” button.

[When this will happen:]

General Availability (Worldwide, GCC, GCC High, DoD): We will begin rolling out this change in early January 2025 (previously late November) and expect to complete by late January 2025 (previously mid-December).

[How this will affect your organization:]

You are receiving this message because our reporting indicates your organization may be using Outlook for iOS. To see how many users are currently using Outlook for iOS there are report instructions here: Microsoft 365 Reports in the admin center – Email apps usage

Users will no longer need to tap the “Open Authenticator” button to initiate Authenticator app based mobile authentication, when this change is implemented.

[What you need to do to prepare:]

When this change takes effect, users and admins will not need to do anything for your organization to take advantage of this behavior.

Information about device enrollment with Intune for iOS can be found here: Overview of Apple device enrollment in Microsoft Intune.

Updated January 15, 2025: With the Email OTP verification meeting option rollout to Targeted Release for end users, Admins should note that the new meeting policy called Anonymous users can join a meeting after verifying will be available in Teams Admin Center for all organizations, even those in General Availability. For tenants where the Anonymous users can join meetings option is disabled in meeting policy and admins would like to continue to block all unverified (anonymous) users joining meetings, admins should update the new meeting policy setting Anonymous users can join a meeting after verifying from “By e-mail code” to “No” by mid-February. Without changing the default, this new feature introduces an additional way for unverified (anonymous) users to join meetings by e-mail code without needing an MSA or Entra account. Admins can reference documentation on managing the new meeting policy setting here: Manage anonymous participant access to Teams meetings, webinars, and town halls (IT admins) – Microsoft Teams | Microsoft Learn

The experience for attendees to verify their email with OTP prior to joining meetings is available only for meetings created by organizers that have a Teams premium license. However, the new meeting option to require verification will be available to all meeting organizers without Teams Premium license as well, for these meetings, attendees can join meeting after verifying with their TFL account or Entra account.

After this rollout, Microsoft Teams meeting organizers will have a new meeting option to enable and require unverified (aka anonymous) participants joining meetings to verify their email addresses with a one-time password (OTP) verification code before joining the meeting. Tenant admins will have a new meeting policy to manage and control this setting in the Teams admin center. This message applies to Teams on Windows desktop, Teams on Mac desktop, Teams on the web, and Teams for iOS/Android.

This message is associated with Microsoft 365 Roadmap ID 418125.

 [When this will happen:]

Targeted Release: We will begin rolling out mid-January 2024 and expect to complete by late January 2025.

General Availability (Worldwide): We will begin rolling out late March 2025 and expect to complete by early April 2025.

[How this will affect your organization:]

Tenants where the Anonymous users can join a meeting setting is currently disabled will be affected by this update. In the Teams admin center, a meeting policy controls whether anonymous users can join meetings. If this setting is turned off, users without an MSA (Microsoft Account) or Microsoft Entra account are currently unable to join meetings. With the introduction of this new feature, we are enabling an additional option for unverified (anonymous) users to join meetings without requiring an MSA or Entra account.

This change will be available by default.

Admin controls: Admins will have a new meeting policy called Anonymous users can join a meeting after verifying by email code that complements the existing meeting policy where tenant admins already have the control to enable Anonymous users can join a meeting (unverified): 

When admins choose to turn on both the meeting policies for the users in the organizations, they leave the choice of requiring email verification to the meeting organizers via a new meeting option that will be available for them.

Meeting Organizer Controls: When scheduling meetings, meeting organizers will now have a new meeting option called Require unverified participants to verify their info before joining that will be set to default off if you have enabled unverified joins. Organizers can choose to require participants to verify themselves by turning on this meeting option.

Participant Experience: When organizers choose to require unverified participants from joining meetings, participants will be required to authenticate themselves when attempting to join the meeting. Participants can use credentials from a Microsoft work account, Microsoft school account, or personal Microsoft account for authentication. Participants without any of these Microsoft accounts will need to verify by entering their email address, and then participants will receive a one-time passcode for verification.

Participants who verify the same email address that the meeting invitation was sent to will be allowed to join the meeting directly if the Lobby bypass setting permits invited participants. Conversely, participants verifying with a different email address will be placed in the lobby and labeled as Email verified:

The Email verified tag and the email address participants entered for verification will be shown on the profile card of the participant in the lobby, meeting roster, and meeting chat:

[What you need to do to prepare:]

For tenants where the Anonymous users can join meetings option is disabled, admins should assess the impact of the email OTP verification feature and update the meeting policy settings accordingly to suit their organization’s requirements. This new feature introduces an additional way for unverified (anonymous) users to join meetings without needing an MSA or Entra account.

This rollout will happen automatically by the specified date with no admin action required before the rollout. 

Updated January 30, 2025: We have updated the rollout timeline below. Thank you for your patience.

Coming soon to Microsoft 365 Copilot Business Chat (BizChat): When a Business Chat user requests to schedule a meeting with someone using natural language, Business Chat will offer an option to Continue in Outlook.

This message applies to Business Chat on Windows and Mac desktops and Microsoft Outlook for the web.

A Microsoft 365 Copilot license is required to use this feature.

[When this will happen:]

General Availability (Worldwide): We will begin rolling out in early February 2025 (previously mid-January) and expect to complete by late February 2025 (previously late January 2025).

[How this will affect your organization:]

After this rollout, when a user selects Continue in Outlook, the user will be taken to their Calendar in Outlook on the web to schedule the meeting.

This change will be available by default.

Image caption: In Business Chat, a user requests to schedule a meeting. Business Chat responds, suggesting the user continue the task in Outlook and providing the Continue in Outlook button:

[What you need to do to prepare:]

This rollout will happen automatically by the specified date with no admin action required before the rollout. Review your current configuration to determine the impact for your organization. You may want to notify your users about this change and update any relevant documentation.

Users familiar with keyboard shortcuts from third-party chat and meeting applications can use those same shortcuts in Microsoft Teams. To enable this, go to the Settings and more button in the upper right, access the keyboard shortcuts dialog, and select a communication or meeting layout. This allows users to apply the shortcuts they are used to from other applications.

This message is associated with Microsoft 365 Roadmap ID 472913.

[When this will happen:]

Targeted Release: We will begin rolling out mid-March 2025 and expect to complete by late March 2025.

General Availability (Worldwide): We will begin rolling out early April 2025 and expect to complete by mid-April 2025.

[How this will affect your organization:]

Users in your organization can now customize their keyboard shortcut layout to better suit their preferences in Teams.

[What you need to do to prepare:]

This rollout will happen automatically with no admin action required. You may want to notify your users about this change and update any relevant documentation as appropriate.

Coming soon for Microsoft Defender for Cloud Apps:

• A change to alerts generated by events originating from Defender for Cloud Apps that are generated in the Microsoft Defender XDR detection engine
• A change to App governance alerts

This rollout aims to provide more accurate and precise information on the origin of these alerts, enabling customers to identify, manage, and respond to alerts more effectively.

[When this will happen:]

General Availability (GCC, GCC High, DoD, Production, DoD): We will begin rolling out early March 2025 and expect to complete by early April 2025.

[How this will affect your organization:]

We will change the field indicating the alert source in the alert data itself. Note: The rollout will only affect new alerts generated after the rollout and will not alter existing alerts.

This rollout will be reflected in all experiences where alerts are represented, including Incidents & alerts queues in the XDR portal, Advanced hunting, and the correlating APIs and SIEM systems.

In the Defender XDR portal, the change will be reflected in the Service sources field, replacing the current Microsoft Defender XDR and App governance values with the new value Defender for Cloud Apps. The detection sources will remain unchanged and will continue to indicate the detections are generated in the XDR detection engine, App governance policy, or App governance detection.

The alert ID prepended characters of some of the alerts will also be changed to comply with the Defender XDR mapping.

Service/Detection sources filter in the Incidents queue. Left: Before the change. Right: After the change:

Learn more about the different alert sources in Defender XDR in the Alert sources section of Investigate alerts in Microsoft Defender XDR – Microsoft Defender XDR | Microsoft Learn

In the Microsoft Graph API, Microsoft Defender for Endpoint streaming API, and the Microsoft Azure Events Hub, the change will be reflected in the alert resource type under the property serviceSource, and the previous values of microsoft365Defender and microsoftAppGovernance will change to microsoftDefenderForCloudApps.

Learn more about the Graph API alert resource: alert resource type – Microsoft Graph v1.0 | Microsoft Learn

Learn more about Streaming API: Stream Microsoft Defender XDR events – Microsoft Defender XDR | Microsoft Learn

[What you need to do to prepare:]

This rollout will happen automatically by the specified date with no admin action required before the rollout.

Administrators should review and update any custom alert rules, playbooks, or automations involving the alerts mentioned above (Service sources = Microsoft Defender XDR and Detection sources = Defender XDR, or Service sources = App governance), to ensure they reflect the new value. You may also want to notify your users about this change and update any relevant documentation.

As a reminder, detection sources will remain unchanged, so if you only filter on detection sources, everything should continue to function as normal.

We are excited to announce the upcoming People administrator role in Microsoft Entra, designed to improve and streamline administrative capabilities in Microsoft 365. Developed from customer feedback, this role will provide dedicated permissions for managing people-related settings and profile photos without needing the high privileges of Global admin or User admin roles.

[When this will happen:]

General Availability (Worldwide, GCC, GCC High, DoD): We will begin rolling out early February 2025 and expect to complete by late February 2025.

[How this will affect your organization:]

After this rollout, admins will be able to assign the new People admin role to users in:

• Entra Portal
• Microsoft 365 Admin Center

What are the capabilities of the People admin role?

1. Update profile photos for all users, including admins.
2. Update people settings for pronouns and name pronunciation, Profile card settings, and photo update settings for all users.

Why is this new role a better solution?

The People admin role allows organizations to delegate people-related tasks more effectively and securely. By limiting access to necessary settings, it reduces risks associated with higher privilege roles and aligns with user jobs focused on people administration.

The People admin role will enable organizations to:

• Delegate tasks without giving excessive permissions to other admins.
• Access new features and configurations in the People domain more easily.
• Maintain security by avoiding the use of highly privileged roles for routine tasks.

This role complements existing roles and enhances satisfaction with Microsoft administrative tools.

[What you need to do to prepare:]

We recommend admins:

1. Review the People admin role documentation to understand its capabilities.
2. Assess current roles to identify where the new role fits.
3. Communicate changes to staff if needed, highlighting improved delegation and people-related access.
4. Review your current configuration to determine the impact on your organization.

This rollout will happen automatically with no admin action required before the rollout. The People admin role will be available by default.

Learn more

• Microsoft Entra built-in roles – Microsoft Entra ID | Microsoft Learn (will be updated before rollout)
• About admin roles in the Microsoft 365 admin center – Microsoft 365 admin | Microsoft Learn (will be updated before rollout)
• Assign Microsoft Entra roles – Microsoft Entra ID | Microsoft Learn

1. Navigate to the Power Platform admin center and sign in.
2. Go to the Security section.
3. Navigate to settings and manage security settings for owned environments.

We've released updates to the following update channel for Microsoft 365 Apps:

• Current Channel

[When this will happen:]

We'll be gradually rolling out this update of Microsoft 365 Apps to users on that update channel starting January 30th, 2025 (PST).

[How this will affect your organization:]

If your Microsoft 365 Apps clients are configured to automatically update from the Office Content Delivery Network (CDN), then no action is required.

If you manage updates directly you can now download this latest update and begin deployment.

[What you need to do to prepare:]

To get more details about this update view the following release notes:

• Current Channel

In MC928045 Update on Controls for Agents in Microsoft 365 Copilot (November 2024), we announced the upcoming removal of the Microsoft Copilot extensibility preview control. In response to customer feedback, the control will remain a production setting and exit preview to aid your management of agents and Copilot extensibility.

In addition to maintaining this setting, Microsoft is committed to improving your ability to manage agents through improved reporting (including Shared agents) and more granular agent controls including agent metadata, shared agent inventory and blocking ability (refer to MC990963 Microsoft 365 admin center: Enhancements to Integrated apps page, January 2025) and environment-based controls in the Microsoft Power Platform admin center.

[When this will happen:]

Access to the current control will remain in effect and the preview badging of the control will be removed in February 2025.

[How this will affect your organization:]

This setting and its current behavior will be maintained so there is no effect on your organization.

[What you need to do to prepare:]

There is no need for action and current settings will be maintained.

This rollout will happen automatically by the specified date with no admin action required before or after the rollout. Review your current configuration to determine the impact for your organization.