Skip to Content

MC1191918 Microsoft Purview | Information Protection: Email attachment preview in Activity explorer

By: Author Alex Lim

Posted on

Categories Update

Home » Update » MC1191918 Microsoft Purview | Information Protection: Email attachment preview in Activity explorer

Summary:
New feature allows admins to preview email attachments flagged for sensitive data directly in Activity explorer.
No need to download emails for investigations, improving efficiency.
The feature is enabled by default with no configuration changes required.
Existing data loss prevention and Information Protection policies remain unchanged.
Admins should communicate this update to their security and compliance teams.

Admin Impact
Low
User Impact
Low
Release Start
15 Jan 2026
Release End
31 Jan 2026

Services
M365
Purview
Category: Stay informed
Tags
New Feature
Admin Action
History
Date Description
12/3/2025 Item Added to Message Center
Microsoft Message

Introduction
We’re enhancing Microsoft Purview | Information Protection by adding the ability to preview email attachments directly in Activity explorer for Exchange Online. Previously, only the message body was viewable, limiting visibility into flagged sensitive content. This update helps admins quickly investigate incidents without downloading emails, improving efficiency and security.

This message is associated with Roadmap ID 527834.

When this will happen:
Public Preview: Rollout begins early December 2025 and completes by mid-December 2025.
General Availability (Worldwide): Rollout begins mid-January 2026 and completes by late January 2026.

How this affects your organization:
Who is affected: Admins managing Exchange Online and using Activity explorer in Microsoft Purview.

What will happen:

Admins can preview email attachments flagged for sensitive data directly in Activity explorer.
user settings

No need to download emails for investigation.
Feature is enabled by default; no configuration changes required.
Existing DLP (data loss prevention) and Information Protection policies remain unchanged.

What you can do to prepare:
No action is required; the feature will be available automatically after rollout.
Optional: Communicate this update to your security and compliance teams.

Compliance considerations:
No compliance considerations identified; review as appropriate for your organization.