Update

Summary The Global Discovery Service (GDS) API will be retired, and its REST API endpoints will no longer be available. Applications and scripts using GDS endpoints need to be identified and updated to use the Power Platform List Environments API. Testing of updated integrations against the new endpoints is required to ensure compatibility. Authentication must …

Summary Windows 365 Cloud PCs with Secure Boot enabled must transition to Secure Boot 2023 certificates. Using expired 2011 certificates may lead to decreased protection against boot-level malware and inability to validate newer boot components. Cloud PCs without Secure Boot enabled are not affected by this change. IT administrators should ensure Secure Boot remains enabled …

Summary Microsoft Registration Campaigns will support Passkeys (FIDO2) as an additional authentication method to enhance security against phishing. Changes will automatically update from Microsoft Authenticator to Passkeys (FIDO2) for eligible tenants under certain conditions. Affected users will receive Passkey registration nudges at sign-in after completing MFA to encourage registration. Administrators can opt users into Passkey …

Summary Simplification of Planner and Project licensing with specific SKUs being retired. New purchases of Planner and Project Plan 5 will no longer be available post-End of Sale. Project Online Essentials is already End of Sale and not available for new purchases. Existing customers should plan to transition to supported SKUs based on their needs. …

Summary Licensing updates to simplify the Planner and Project SKU lineup are being implemented. Project Online will be retired on September 30, 2026. New purchases of Planner and Project Plan 5 will end after the designated date. Existing customers need to transition to supported SKUs based on their usage needs. Immediate service impact is not …

Summary DirectQuery support in the Viva Insights Connector for Power BI is being retired, encouraging a shift to Import connectivity mode. Existing DirectQuery-based Power BI reports will not refresh, and attempts to connect using DirectQuery will fail. Unpivoted schema type and Aggregated data granularity options will also be retired. Analysts need to convert DirectQuery reports …

Summary For tenants with more the 2000 users Copilot will no longer be available in Word, Excel, PowerPoint, and OneNote for users without a Microsoft 365 Copilot license. Users without the license will see the “Copilot Chat (Basic)” label, while licensed users will see “M365 Copilot (Premium).” Copilot will continue to be accessible in the …

Summary Windows updates in April 2026 will change default Kerberos ticket behavior to AES-SHA1-only for accounts without explicit encryption type settings, potentially causing authentication issues for environments relying on RC4. Audit mode will be available until July 2026 for manual rollback; after that, only Enforcement mode will remain. Organizations should monitor System event logs for …

Summary Custom theming for model-driven apps using the modern look allows for branding alignment through color, font, and header style customization. Classic theming will not be supported in the modern look, necessitating a transition to custom modern themes. Custom theming enables a cohesive color scheme, customizable app header, custom logo integration, and font overrides. The …

Summary Microsoft is retiring support for several legacy Teams Phone devices that will no longer function post-retirement. Impacted devices will not be able to sign in, make, or receive calls. Hardware replacement is necessary, as there is no automatic upgrade path. Organizations should plan to replace affected devices and communicate this change to users. Review …

Summary New auto-labeling actions for SharePoint and OneDrive will allow administrators to override or remove existing sensitivity labels automatically. Admins must configure these actions in the Microsoft Purview portal; they are not enabled by default. This change impacts organizations using auto-labeling policies, improving data governance and consistency. Relevant stakeholders should be informed that sensitivity labels …

Summary Microsoft Purview network data security now integrates with Island, enhancing data protection for browser-based workflows. This integration allows for the configuration of DLP policies to inspect data shared with unmanaged cloud apps. It requires admin action to enable; the feature is not activated by default. Existing Purview policies will apply automatically if the integration …

Summary Live transcription capabilities are being added to Microsoft Teams Rooms on Android, providing real-time transcription with speaker attribution and timestamps. Transcripts are displayed on the front-of-room screen. Only organizations with Teams Rooms Pro licenses will receive this feature. Users can start transcription easily from the room console; notifications will inform participants when transcription is …

Summary A new soft purge mitigation action will be added in Data Security Investigations (DSI) for quick removal of sensitive items. Soft purge allows items to be deleted but remain recoverable until the retention period expires. The feature is enabled by default with no need for configuration; existing DLP, labeling, and retention policies remain unchanged. …

Summary Microsoft will retire the Semi-Annual Enterprise Channel installation option for unmanaged devices in April 2026. This change affects admins managing installation options for unmanaged devices and tenants using this channel exclusively. Existing unmanaged devices on this channel will not change until manually updated; however, the channel selection will appear grayed out if switched. Devices …

Summary The Semi-Annual Enterprise Channel option will be retired from the Office Deployment Service. Organizations using the Semi-Annual Enterprise Channel will have this option removed from new deployment configurations, but existing configurations will remain unaffected. Only the Current Channel and Monthly Enterprise Channel will be available for new configurations. No immediate action is required, but …

Summary Windows 2011 Secure Boot certificates will expire, requiring updates to new certificates issued in 2023 for ongoing security. Devices will still function normally but will not receive new boot-level security protections without updated certificates. Intune can be used to manage and deploy Secure Boot certificate updates on Windows clients. Administrators should enable specific settings …

Summary The March 2026 security update is available for all supported Windows versions. It includes quality improvements and enhancements to the servicing stack. New high-confidence device targeting is added for Secure Boot certificate delivery. File Explorer search reliability is improved when searching across multiple drives. A warning dialog is added to confirm the trustworthiness of …

Summary Microsoft 365 Copilot Chat will allow users to draft, edit, and send Outlook emails directly within the chat interface. An embedded Outlook compose form will appear when users request to draft an email. The feature will be enabled by default for all users with eligible licenses. The feature will be available in the Copilot …

Summary A new “Follow” option will be available for meetings in Outlook Mobile, allowing users to stay informed when they cannot attend. The “Follow” option appears in the mobile RSVP menu, while the “Maybe” response moves to an overflow menu. The feature is enabled by default for all tenants, with prompts for organizers to record …

Summary The -Credential parameter will be removed from Connect-ExchangeOnline and Connect-IppsSession cmdlets in Exchange Online PowerShell, affecting automation scripts that use it. Organizations must migrate to supported authentication methods before upgrading to module versions released after the removal. Alternatives include switching to modern authentication with MFA, using app-only authentication for non-Azure automation, or managed identity …

Summary Windows Autopatch will enable hotpatch security updates by default for eligible Intune devices, improving security speed. Devices will receive updates without requiring a restart, securing them faster and saving an average of three to five days. A tenant setting to opt out of hotpatch updates will be available for those not ready for the …

Summary Updates to Microsoft 365 Apps released for Current Channel, Monthly Enterprise Channel, and Semi-Annual Enterprise Channel. Users on automatic updates from Office CDN will need no action; manual managers can download updates now. Release notes available for detailed information on each channel’s updates. Admin Impact: Medium User Impact: Low Release Start: 10 Mar 2026 …

Summary Private chat will be introduced in Teams Rooms on Windows for organizers, co-organizers, and presenters during structured meetings and webinars. Two chat options will be available: one for private communication among event teams and another for all attendees. Users can switch between the two chat panels using a new dropdown on the chat button. …

Summary Anthropic Claude Sonnet is now available for Microsoft 365 Copilot licensed users, alongside OpenAI models. Users can select Claude Sonnet in the model selector within Copilot Chat. Regions where Anthropic is set to “Off by default” require admin opt-in for model availability. Data protection standards remain unchanged; Anthropic is a Microsoft subprocessor. Users in …

Summary Windows Autopatch will enable hotpatch security updates by default for eligible Intune devices. Hotpatch updates allow devices to be secured faster without waiting for a restart, reducing update delay by three to five days on average. Devices will still require restarts during specified baseline months (January, April, July, and October). Recommended to ensure devices …

Summary Microsoft Agent 365 will be Generally Available (GA) after extensive customer feedback from the Frontier program. Administrator planning or evaluating Agent 365 deployment will be affected. Customers in the Frontier program will maintain access to early features and continue to provide feedback. Trial and paid options for Agent 365 will be made available before …

Summary AI citations analytics will be added to SharePoint for better tracking of document references by Microsoft Copilot and other AI agents. New metrics will include popular content based on citations, total citations for pages, and an AI citations analytics page under Site Usage. No admin action is required for enabling this feature, which will …

Summary Microsoft Entra passkeys will enable phishing-resistant, passwordless sign-in using Windows Hello methods. No impact on organizations unless they opt in to enable passkeys. Users can authenticate on both managed and unmanaged Windows devices through individual passkeys. Each passkey is device-bound and does not sync across devices, requiring separate registration for each account. Existing authentication …

Summary Outlook for iOS and Android will support recommended and automatic sensitivity labels during email composition. Users will be prompted to review suggested labels when sensitive information is detected. Automatic labels will be applied without any action required by the user. The feature is enabled by default for organizations with existing Microsoft Purview sensitivity labeling …

Summary Copilot highlights in Viva Glint will provide AI-generated summaries of employee survey results in supported reports. The feature will automatically appear as a collapsible card at the top of relevant reports, showing key insights and trends. No additional configuration is needed; it will be available when Copilot in Viva Glint is enabled. Users must …

Summary New policy configuration options in Microsoft Purview Data Loss Prevention (DLP) enhance data security for unmanaged cloud apps and Edge for Business. Administrators gain more granular controls, including scoping collection policies by sensitivity labels and defining conditions for DLP policies. Email notifications can be configured to alert users when activities are blocked. Existing policies …

Summary New feature allows switching from offline to online mode in Canvas apps to access Dataverse data. Real-time updates will be available when online mode is enabled. No action is required from users; this message is for awareness. Admin Impact: Low User Impact: High Release Start: 03 Apr 2026 Release End: 03 Apr 2026 Services: …

Summary New feature allows configuration of offline profiles using the FetchXML editor in Power Apps. Direct control over query logic for offline profiles enhances the app-building workflow. Access the FetchXML editor directly within Power Apps Studio for easier customization of data filters. No action required; message is for awareness only. For more details, visit the …

Summary Teams Meeting Recording expiration notification emails will be disabled to reduce notification noise. All Microsoft 365 tenants and users receiving these emails will be affected. Users will no longer receive notifications for recording expirations, but policies regarding recording expiration and deletion remain the same. No action is required from administrators or users; however, optional …

Summary A Data Privacy message is available in Message Center for the organization. Access is limited to Global Administrators or designated Message Center Privacy Readers. Change is categorized under ‘GDPR’ and ‘PreventOrFixIssue.’ The change is of high importance, requiring action to avoid service disruptions. Message Center contains further details to be reviewed by the appropriate …

Summary Windows 365 will enforce stricter endpoint validations for Azure Network Connection health checks. Health check failures will result in an “Error” status, blocking new provisioning attempts until resolved. Acesss to the following endpoints is required: *.service.windows.cloud.microsoft.com, *.windows.cloud.microsoft.com, and *.windows.static.microsoft.com. Review network configurations to ensure these endpoints are accessible through firewalls and security devices. No …

Summary A new Defender XDR Unified RBAC permission allows admins to preview and download email content tied to specific alerts without broad email access. The new permission is called “Emails associated with alerts (read)” and currently applies to alerts for emails reported as malware or phishing. Existing roles and workflows remain unaffected, and admins with …

Summary Update Secure Boot certificates across your organization before June 2026 to avoid potential issues. Participate in a fast-paced walkthrough event for guidance on testing firmware, monitoring device readiness, and deploying updated certificates. Join a Q&A session with the engineering team to address any questions regarding Secure Boot updates. Registration isn’t required, but a Microsoft …

Summary Microsoft Copilot features, including Copilot Chat, will be available in shared and delegated mailboxes in Outlook. Users can interact with Copilot directly while using shared mailboxes without specifying mailbox-specific phrases. Copilot features such as Summarize and Draft will function within shared and delegated mailboxes. Conversation history will be saved to the user’s primary account, …

Summary The Data Security Triage Agent in Microsoft Purview Insider Risk Management is being enhanced for better alert triage and investigation focus. This update prioritizes alerts based on user risk and activity, summarizes behavioral risk patterns, and provides expanded user context. Admins need to enable the Triage Agent; it is not on by default. Organizations …

Summary Phase 2 of always-on diagnostics for Endpoint DLP allows admins to collect diagnostics from Windows endpoints without user interaction. Diagnostic traces can be uploaded directly to Microsoft Support, improving troubleshooting efficiency. Admins must enable the feature; it does not turn on automatically. Existing Endpoint DLP policies remain unchanged. Review and update documentation and processes …