Table of Contents
What security updates do admins need for the January 2026 Teams rollout?
Microsoft continues to refine the resource management of its Teams Desktop Client. On November 26, 2025, the company announced a significant architectural shift in message MC1189656. This update addresses long-standing concerns regarding memory consumption and application responsiveness during calls. As an administrator, you must prepare your environment now to prevent service interruptions when this change rolls out in January 2026.
The Technical Shift: Introducing ms-teams_modulehost.exe
The core of this update involves the introduction of a new child process named ms-teams_modulehost.exe. Currently, the main Teams application (ms-teams.exe) handles both the user interface and the heavy lifting required for call signaling.
Starting in January 2026, Microsoft will decouple these functions. The new module host process will take over specific tasks related to call batches. By separating these resource-intensive duties from the primary application, Microsoft aims to:
Reduce the time it takes for a call to connect.
Stabilize the overall application performance during meetings.
Optimize how the client utilizes system memory and CPU resources.
While the end-user interface remains identical, the backend operation changes significantly. The ms-teams_modulehost.exe process will run alongside the main executable in the Windows Task Manager.
Critical Actions for System Administrators
The separation of processes creates a potential point of failure if your security protocols are too rigid. If your organization relies on application whitelisting or strict endpoint protection, the new process might be blocked by default. This blockage would likely cause the Teams client to crash or fail during call initiation.
You should take the following steps immediately to ensure business continuity:
Update Security Whitelists
Review your endpoint management software (such as Intune, Defender, or third-party antivirus solutions). If you currently explicitly allow ms-teams.exe, you must add ms-teams_modulehost.exe to that same allow-list. Failure to do so may trigger false positive security alerts or terminate the process.
Audit Internal Documentation
Update your internal knowledge base. Support teams often troubleshoot high resource usage by analyzing Task Manager. They need to know that ms-teams_modulehost.exe is a legitimate, essential component of the Teams ecosystem, not malware or an anomaly.
Brief Your Helpdesk
Inform your Tier 1 support staff about this change before the rollout begins in early January. If users report issues with calls connecting, support staff should verify that local security software is not suppressing the new module host.
Rollout Timeline
Microsoft has scheduled this deployment to begin in early January 2026. They anticipate the rollout will reach full completion by the end of that month. This tight window means you have limited time to test these configuration changes in your staging environment.
By proactively adjusting your security configurations, you ensure that this performance enhancement delivers a smoother experience rather than a disruption.