Microsoft 365: Upcoming Changes and End-of-Support Milestones

Last updated: December 2025

Join us in this blog as we explore the dynamic world of Microsoft 365. 🌟 We’ll shed light on the features and products that are undergoing transformations or bidding farewell. Whether you’re a system administrator 🧑‍💻 managing the Microsoft 365 environment or an avid user 🙋‍♂️ staying ahead of the curve, this blog will provide invaluable insights and actionable recommendations.

🚀Discover the key changes, deprecations, and end-of-support scenarios that require your attention. From deprecated features to configuration modifications and essential upgrade plans, we’ve got you covered! Make informed decisions and ensure a smooth transition.⚡️

With November wrapping up and December on the horizon, it’s time to revisit the standout November Ignite updates. Microsoft shipped six major updates that hint at the powerful capabilities coming next:

• Microsoft Baseline Security Mode (BSM) – BSM provides a default, tenant-wide security foundation by automatically applying Microsoft’s core protection settings. It removes the need for admins to configure every security control manually.

• Microsoft Entra Agent ID – Entra Agent ID introduces structured identity, governance, and protection for AI agents. It’s now in public preview with expanded management and security capabilities.

• AI Access Security Features – Microsoft adds four AI-focused safeguards: prompt injection defense, network file filtering, shadow AI detection, and blocking unapproved MCPs. These capabilities help organizations use AI safely.

• New Microsoft 365 Agents – Three new agents streamline Intune admins’ work: Change Review Agent, Device Offboarding Agent, and Policy Configuration Agent. Each one automates specific operational and security tasks in Microsoft Intune.

• Microsoft Agent 365 – Agent 365 is the central hub for deploying, managing, and securing AI agents across the organization. It brings unified controls, monitoring, and insights for all agent activity.

• Work IQ – Work IQ powers Copilot with contextual knowledge about whom you are working with, the projects you’re involved in, your work patterns, and more. This enables more accurate, personalized, and meaningful assistance.
  

Now, let’s shift gears and dive into what’s coming next!

Note: Interested in exploring past month’s features and deprecations? Look no further! You can find a comprehensive history of all the changes in our GitHub repository.

Here is a list of changes categorized by month and year.

• December 2025 (Retirements: 6, New Features: 11, Enhancements: 8, Existing Functionality Changes: 3, Action Needed: 3)
• Jan 2026 (Retirements: 6, New Features: 9, Enhancements: 6, Existing Functionality Changes: 1, Action Needed: 1)
• Feb 2026 (Attention Needed: 4)
• Mar 2026 (Attention Needed: 6)
• Q2 2026 (Attention Needed: 9)
• Q3 2026 (Attention Needed: 3)
• Q4 2026 (Attention Needed: 3)

Retirements: 6 | New Features: 12 | Enhancements: 5 | Existing Functionality Changes : 2 | Action Needed: 3

Microsoft will retire the Favorite Contacts feature in early December 2025. It will be replaced by the new Frequent Contacts logic used across other Microsoft 365 apps. So, users will no longer manage a favorites list in the Places app. Additionally, admins will lose the ability to control favorite contacts through the Set-PlacesSetting -AllowConnectionList cmdlet.

Ref: https://admin.cloud.microsoft/?#/MessageCenter/:/messages/MC1182693

The App Skills feature in Copilot for Excel, which helps users derive insights directly within spreadsheets, will be retired in early December 2025. Microsoft is introducing Agent Mode in Excel as a more capable replacement.

Solution: Use alternatives such as Microsoft Copilot Chat.

Ref: https://admin.cloud.microsoft/?#/MessageCenter/:/messages/MC1184407

Microsoft will retire the TeamworkDevice (beta) API used for managing room devices on Windows from Microsoft Graph.

Solution: Admins should now use the Teams Rooms Pro Management Portal (PMP) to manage Teams Rooms on Android, Teams Phones, and Teams Panels.

Ref: https://admin.cloud.microsoft/?#/MessageCenter/:/messages/MC1183294

The Reuse Slides feature in PowerPoint helps users insert slides from other presentations. Microsoft plans to discontinue the Reuse Slides feature in PowerPoint for Window and Mac Desktops starting December 2025.

Solution: After this change, users will need to manually copy and paste slides between files.

Ref: https://admin.cloud.microsoft/?#/MessageCenter/:/messages/MC1179161

By late December 2025, Microsoft will completely end all security updates and bug fixes for the Teams app on devices running Android 8. This change is part of Microsoft’s effort to transition users to newer Android versions that offer better performance, stability, and security. Although the app will continue to function on Android 8, no future enhancements or maintenance updates will be provided.

Solution: Upgrade to a device running Android 10 or later to continue receiving updates.

Ref: http://admin.cloud.microsoft/?#/MessageCenter/:/messages/MC1181212

To modernize Viva Connections, Microsoft will retire the Assignments and Courses adaptive card extensions (ACEs) and their SharePoint dashboard web parts for Education tenants. These SPFx components currently surface assignment and course information on the dashboard, and their removal aims to reduce redundancy and streamline the user experience. Also, the existing components will reach the end of support on June 30, 2026.

Ref: https://admin.cloud.microsoft/?#/MessageCenter/:/messages/MC1184647

Microsoft is introducing a new Priority Cleanup feature in Purview Data Lifecycle Management. This allows admins to delete OneDrive and SharePoint content before existing retention or hold periods expire, useful for items like Teams recordings and transcripts. The feature includes capabilities such as simulation mode, audit logs, and review workflows, but it is not enabled by default.

To ensure proper control and security, two roles are required:

• A Priority Cleanup Admin to create the policy.

• A Retention Management Admin to review and approve it.

Ref: https://learn.microsoft.com/en-us/purview/priority-cleanup-exchange

Microsoft Teams currently detects brand impersonation, and it will soon extend this capability to detect tenant-owned domain impersonation as well. In simple terms, when external collaboration is enabled and an external user initiates contact with someone in your organization, Teams will automatically verify whether the external user’s domain is trying to impersonate your organization’s domain.

• For example, if your organization uses contoso.com and an external user tries to message you from a look-alike domain such as c0ntoso.com, Teams will flag it as a potential impersonation attempt.

Once detected, Teams will display a high-risk alert, prompting the user to review and confirm the contact before continuing the conversation. This protection will be enabled by default.

Ref: https://admin.cloud.microsoft/?#/MessageCenter/:/messages/MC1187679

Microsoft Teams on the web currently switches a user’s status to “Away” when the browser tab becomes inactive. With the new update, Teams will detect overall device activity, not just tab activity. This ensures that if the user is actively working on the device, even if the Teams tab isn’t active; their presence remains “Available.” It will be rolled out to Chrome v94+ and Edge v114+ in the initial phase.

To use this feature, users need to enable “Keep my current status when I’m active outside of Teams on the web” setting in Teams (which is off by default). Once enabled, the browser will prompt users to grant permission to detect their activity.

Ref: https://admin.cloud.microsoft/?#/MessageCenter/:/messages/MC1184412

Microsoft is adding new capabilities to improve cost visibility for Data Security Investigations (DSI):

• Lightweight Cost Estimator: Helps model and forecast storage and compute costs based on investigation scenarios.

• Usage Dashboard Report: Provides granular insights into billed storage and compute units, helping admins identify cost-saving opportunities.

These enhancements support pay-as-you-go billing, require no configuration changes, and will be enabled by default in Public Preview starting early December 2025.

Ref: https://admin.cloud.microsoft/?#/MessageCenter/:/messages/MC1186360

Microsoft Teams will introduce a feature that automatically sets users’ work locations when they connect to the organization’s Wi-Fi or certain peripherals. This helps deliver location-based experiences without manual input. The feature will be disabled by default. Tenant admins will have the option to enable it and will require end-user consent to proceed.

Ref: https://www.microsoft.com/en-US/microsoft-365/roadmap?filters=&searchterms=488800

Microsoft Purview is integrating Insider Risk Management (IRM) with Data Security Investigation (DSI). Data security admins can now launch a pre-scoped DSI directly from an IRM case, simplifying investigations into risky user activity and enabling faster assessment of potential impact.

Ref: https://www.microsoft.com/en-us/microsoft-365/roadmap?filters=&searchterms=501781

Microsoft will begin tracking backup-related activities, such as backup policy changes and restore operations, directly within monitoring logs. This provides better visibility for troubleshooting, auditing, and monitoring.

Ref: https://www.microsoft.com/en-US/microsoft-365/roadmap?filters=&searchterms=500019

Microsoft will soon allow users to take direct actions from DLP email notifications. These actions include: Stop sharing files, delete files, apply labels, overriding the policy, reporting false positives, and unable to take action.

These actions apply to OneDrive and SharePoint files involved in a DLP policy match.

Ref: https://www.microsoft.com/en-US/microsoft-365/roadmap?filters=&searchterms=464996

The new Outlook for Windows will soon provide a feature to import email messages directly from .pst files (Outlook Data File) into user mailboxes, simplifying mailbox migration and recovery.

Ref: https://www.microsoft.com/en-US/microsoft-365/roadmap?filters=&searchterms=485739

The ChatGPT Enterprise Connector will be integrated into the Microsoft Purview Compliance Portal, enabling administrators to collect, retain, and review prompts and responses from organizational ChatGPT usage.

Ref: https://www.microsoft.com/en-us/microsoft-365/roadmap?filters=&searchterms=401125

Microsoft Purview’s eDiscovery (Premium) will soon support importing and reviewing non-Microsoft 365 data alongside Microsoft 365 content. A new upload option within review sets will allow investigators to bring external data into the same workspace. All imported content (Microsoft and non-Microsoft) can then be searched, viewed, and analyzed together for a unified review experience.

This feature will be available by default. It may impact how your organization manages eDiscovery workflows, so internal processes and team training should be updated to ensure smooth adoption and awareness of the new capability.

Ref: https://admin.cloud.microsoft/?#/MessageCenter/:/messages/MC1176369

In the current model, sensitivity labels consist of two levels: parent labels and sublabels. Parent labels act only as containers, while sublabels are the ones actually applied to emails and documents. However, since parent labels still appear in the UI, even though they cannot be applied, they often create confusion.

To streamline the experience, Microsoft is replacing parent labels with Label Groupings. These groupings are designed solely for organizing and categorizing labels. Users will now directly select the applicable labels instead of parent-level groupings.

Ref: https://www.microsoft.com/en-US/microsoft-365/roadmap?filters=&searchterms=386900

Dec 11, 2025 – Changes to Entra Identity Protection Alert Settings in Defender XDR

Microsoft Defender XDR is adding more granular configuration options for identity-related alerts from Entra ID Protection to improve clarity and reduce alert fatigue. Alert ingestion will now be based directly on risk levels, allowing admins to choose whether to ingest only High-risk detections, High + Medium, or all detections.

The default setting is shifting from ingesting all severities to only High-risk alerts, which may reduce alert volume unless adjusted. You’ll also see updated UI text and visuals that make the settings easier to understand and manage. It will be rolled out in Public Preview starting Dec 11, 2025.

Ref: https://admin.cloud.microsoft/?#/MessageCenter/:/messages/MC1190195

Microsoft is expanding Organizational Messages to support Entra ID Hybrid-joined devices in addition to fully cloud-joined devices. This allows organizations to deliver customized messaging to a wider range of enrolled endpoints.

Ref: https://www.microsoft.com/en-US/microsoft-365/roadmap?filters=&searchterms=503564

Microsoft Purview Insider Risk Management is increasing key limits to support larger detection workloads:

• Variants per indicator: 3 → 10

• Total variants across all indicators: 100 → 400

• Items per detection group: 200 → 500

These updates enhance scalability and allow for more robust insider risk scenarios.

Ref: https://www.microsoft.com/en-US/microsoft-365/roadmap?filters=&searchterms=518291

Currently, Insider Risk Management (IRM) policies can only use one DLP policy as a triggering event. With this update, admins will be able to select multiple DLP policies as triggers in an IRM policy, giving them more flexibility and stronger coverage.

Ref: https://www.microsoft.com/en-in/microsoft-365/roadmap?searchterms=493757

Microsoft is adding inbound support for SMTP DANE with DNSSEC to Exchange Online environments in GCC High and DoD. This security enhancement strengthens email validation and encryption for government cloud users.

Ref: https://www.microsoft.com/en-in/microsoft-365/roadmap?featureid=361914&searchterms=361914

The Microsoft 365 Backup service will become available for GCC organizations beginning December 2025.
This rollout will provide GCC customers with the ability to restore their Microsoft 365 data in cases of ransomware attacks, accidental deletions, or other critical loss scenarios.

Ref: https://www.microsoft.com/en-US/microsoft-365/roadmap?filters=&searchterms=494517

Microsoft will introduce Data Lifecycle Management capabilities to Microsoft Planner.
Admins will be able to create retention policies that safeguard Planner content, ensuring compliance with organizational data governance standards.

Ref: https://www.microsoft.com/en-US/microsoft-365/roadmap?filters=&searchterms=486828

The Teams app usage report is being renamed and redesigned as the Integrated Apps usage report, featuring new charts and metrics. It provides insights into app usage across Teams, Outlook, Microsoft 365 apps, and Copilot extensions. The data is organized by Publishing Type, Host Product, and Platform, with detailed views on app and user activity.

Ref: https://www.microsoft.com/en-in/microsoft-365/roadmap?id=410248

As part of Microsoft’s Secure Future Initiative (SFI), starting on or after December 2, 2025, Microsoft Intune network endpoints will use Azure Front Door IP addresses. Since Basic Mobility and Security for Microsoft 365 relies on Intune, customers using firewall allowlists based on IP addresses or service tags must update them.

Ref: https://admin.microsoft.com/Adminportal/Home#/MessageCenter/:/messages/MC1150664

Microsoft is changing the way SharePoint agent usage statistics are displayed. Instead of showing usage per site, all usage data across the tenant will now be aggregated and shown together to the tenant administrator.

Ref: https://www.microsoft.com/en-US/microsoft-365/roadmap?filters=&searchterms=480729

The managed connectors that sync workforce management data from UKG and Blue Yonder into Teams Shifts will be retired on December 7, 2025. These connectors currently support scheduling, time-off requests, and shift swaps.

Solution:

• UKG customers: Transition to the UKG Flow app.

• Others: Build custom integrations to maintain synchronization with Teams Shifts.

Ref: https://admin.cloud.microsoft/?#/MessageCenter/:/messages/MC1166868

Starting December 8, 2025, the Visio Data Visualizer add-in will be removed from the Excel add-in store, templates, and ribbon. Users will no longer be able to create new diagrams using the add-in.

Solution: Disable the Data Visualizer add-in and encourage users to save existing diagrams as Visio (.vsdx) files.

Ref: https://admin.cloud.microsoft/?#/MessageCenter/:/messages/MC1182535

By late December 2025, Microsoft will retire the Search-MailboxAuditLog and New-MailboxAuditLogSearch cmdlets in Exchange Online.

Solution: Use Search-UnifiedAuditLog instead.
Ref: https://techcommunity.microsoft.com/blog/microsoft-security-blog/microsoft-exchange-online-search-mailboxauditlog-and-new-mailboxauditlogsearch-w/4366310

Microsoft will remove the ability for users to personalize their Viva Engage interface using themes. This decision supports accessibility improvements and aligns with the upcoming centralized admin-managed theme experience. Also, existing themes will be removed, and users will be reverted to the default Viva Engage theme.

Ref: https://admin.cloud.microsoft/?#/MessageCenter/:/messages/MC1162958

Microsoft will retire the Activity-Based Authentication Timeout setting for Outlook on the Web (OWA) starting in early January 2026. This feature currently signs users out after a period of inactivity.

Solution: Configure Idle session timeout to maintain similar session control behavior.

Ref: https://support.microsoft.com/en-us/topic/activity-based-authentication-timeout-for-outlook-on-the-web-in-office-365-0c101e1b-020e-69c1-a0b0-26532d60c0a4

The “When Sending a Message” group policy is currently used to manage grouped email-sending settings in Classic Outlook for Windows. This feature will be retired by January 13, 2026. These configurations will be replaced with new, separate Group Policy settings that provide granular control over individual mail-sending behaviors.

Solution: Migrate existing configurations to the new individual policy settings before January 12, 2026.

Ref: https://admin.cloud.microsoft/?#/MessageCenter/:/messages/MC1164375

Microsoft Advanced Threat Analytics (ATA) extended support will be ended on January 13, 2026.

Solution: You can access Microsoft ATA updates either through Microsoft Update or by downloading them manually.

Ref: https://support.microsoft.com/en-us/topic/description-of-update-3-for-microsoft-advanced-threat-analytics-1-9-954cb9b7-9646-78ce-2000-2a257b64df7c

Microsoft is retiring the ability to create new App-V packages for Microsoft 365 Apps. While App-V has been used to virtualize and deliver applications without installing them directly on user devices, Microsoft is now shifting toward the modern Click-to-Run deployment model.

Existing App-V packages will continue to function, but starting January 13, 2026, new App-V packages for Microsoft 365 Apps can no longer be created .

Solution: Shift to Click-to-Run deployment for better performance and reliability.

Ref: https://admin.cloud.microsoft/?#/MessageCenter/:/messages/MC1183012

Microsoft is retiring the legacy IDCRL (Identity Client Run Time Library) authentication protocol in SharePoint and OneDrive for Business as part of the Secure Future Initiative. Legacy authentication will be blocked by default beginning January 31, 2026, with modern OpenID Connect and OAuth protocols taking precedence.

Solution: A temporary re-enablement option is available until April 2026. Organizations should transition to modern authentication as soon as possible.

Ref: https://admin.cloud.microsoft/?#/MessageCenter/:/messages/MC1184649

Microsoft 365 Archive will support file-level archiving in SharePoint, enabling more granular retention and storage control. This feature enters the public preview in January 2026.

Ref: https://www.microsoft.com/en-in/microsoft-365/roadmap?id=477371

Microsoft is bringing Data Loss Prevention (DLP) policy tip support to Outlook for Mac. This helps users avoid accidental data leakage by showing policy tips when sensitive data is detected in emails. Users will be able to identify non-compliant recipients and take corrective actions, including overriding the policy when permitted.

Ref: https://www.microsoft.com/en-in/microsoft-365/roadmap?searchterms=484854

Microsoft is adding a rule-based configuration option in the Teams admin center to simplify app management. With this update, administrators can control Microsoft 365 certified third-party apps in bulk from the Org-wide settings section. Also, app availability can be determined using publisher information and permission scopes.

Ref: https://admin.cloud.microsoft/?#/MessageCenter/:/messages/MC1085133

Teams will soon allow users to chat with external contacts using their email addresses, even if those contacts do not have a Teams account. External users will receive an invitation to join as guests. This experience follows your organization’s B2B Guest policy and will be enabled by default.

Admins can disable by setting UseB2BInvitesToAddExternalUsers as false in Set-CsTeamsMessagingPolicy cmdlet.

Ref: https://admin.cloud.microsoft/?ref=MessageCenter/:/messages/MC1182004

Microsoft is adding new security controls to help admins manage Microsoft 365 Copilot usage more effectively. These capabilities include visibility into data oversharing, remediation options, and the ability to apply DLP policies directly within the admin center. General availability begins mid-January 2026.

Ref: https://admin.cloud.microsoft/?#/MessageCenter/:/messages/MC1182689

Microsoft will now allow apps including bots and tabs to be added to shared channels, expanding beyond the previously limited tab support. Apps must be configured per channel, as team-level app settings do not apply to shared or private channels. This capability will be enabled by default.

Also, new admin settings will also be introduced to control who can add apps in shared channels.

Ref: https://admin.cloud.microsoft/?#/MessageCenter/:/messages/MC1168294

Tenant admins will be able to centrally manage SharePoint site branding using PowerShell. This includes enforcing consistent branding, applying enterprise themes, disabling custom branding on specific sites, and auditing branding changes across the organization.

Ref: https://www.microsoft.com/en-in/microsoft-365/roadmap?id=503563&searchterms=526794

Microsoft is simplifying external collaboration settings across chats, calls, meetings, Teams, and shared channels. A new interface provides three predefined collaboration modes:

• Open: Allows chats, calls, and meetings with all external domains and Teams personal accounts via federation or external access.

• Controlled: Matches the current default for enterprise and EDU tenants and blocks shared channel collaboration.

• Custom: Allows complete customization of external collaboration settings across all Teams surfaces.

Also, general availability begins late January 2026.

Ref: https://admin.cloud.microsoft/?#/MessageCenter/:/messages/MC1183006

Microsoft Purview will introduce User Activity Summaries within Insider Risk Management (IRM) to help analysts better assess risk context during incident reviews. These insights consolidate data from multiple security and compliance solutions, providing a unified view of user behavior and potential policy violations.

Insights will be available in:

1. Microsoft Purview Data Loss Prevention alerts.

2. Microsoft Defender user entity pages and alerts.

3. Communication Compliance policy reports.

Ref: https://admin.cloud.microsoft/?#/MessageCenter/:/messages/MC1045212

Microsoft Teams is extending the consent requirement for recording and transcription to include 1:1 calls. Admins can enforce this behavior using a new Teams Calling policy setting. When recording or transcription starts, the other participant’s camera, microphone, and screen sharing will automatically turn off until they provide explicit consent.

Ref: https://www.microsoft.com/en-us/microsoft-365/roadmap?filters=&searchterms=503295

To improve the calling performance and startup timing, Microsoft Teams Desktop for Windows will run a new process “teams_modulehost.exe,” which will handle the calling features separately. So, this child process will handle the calling stack separately from the main process (ms-teams.exe).

So, admins need to update the endpoint and security software to allow this new process.

Ref: https://admin.cloud.microsoft/?#/MessageCenter/:/messages/MC1189656

Microsoft is improving the quarantine experience with:

• Message display per individual recipient instead of grouping.

• The ReleaseToAll parameter will now target each mailbox individually.

• Backend performance enhancements for better reliability and consistency.

Ref: https://admin.cloud.microsoft/?#/MessageCenter/:/messages/MC1171845

Microsoft is rolling out modernized Access Request and Access Denied pages across Microsoft 365, with updated visuals, clearer messaging, and subtle animations. This helps users understand permissions and request access more easily.

Ref: https://admin.cloud.microsoft/?#/MessageCenter/:/messages/MC1188599

Microsoft Teams will launch a reimagined Workflows experience powered by Power Automate, offering a faster, simpler, and more intuitive automation platform. This new version enables users to automate tasks such as approvals, message scheduling, and data synchronization directly within Teams.

Key Improvements Include:

• A modern and streamlined interface optimized for chats, channels, and SharePoint lists and libraries.

• A revamped template gallery for easy discovery and setup of automation flows.

• Natural language automation capabilities that let users describe what they want to automate in plain English.

• A Madlib-style editor for simple customization using placeholders and dynamic tokens.

Ref: https://admin.cloud.microsoft/?#/MessageCenter/:/messages/MC1121517

Starting January 2026, Insider Risk Management in Microsoft Purview will support Optical Character Recognition (OCR) to detect sensitive content in images shared via SharePoint, Teams messages, and endpoints. This enhancement helps identify potential insider threats such as data leaks or intellectual property theft, while preserving user privacy through pseudonymization and audit controls.

Ref: https://www.microsoft.com/en-in/microsoft-365/roadmap?id=171185

Microsoft is enhancing Data Lifecycle Management by introducing a new “When items were last accessed” condition for retention policies. This feature allows admins to manage and automatically clean up OneDrive and SharePoint content based on access history, improving storage hygiene and optimizing Microsoft 365 Copilot responses.

Ref: https://admin.microsoft.com/Adminportal/Home#/MessageCenter/:/messages/MC999442

Communication Compliance is enhancing policy alert customization. Admins will have the ability to set the alert frequency for each policy and adjust the email alert frequency and recipients directly within the policy creation wizard, via the new alerts page. This update will be generally available from early-Jan 2026.

Ref: https://admin.microsoft.com/Adminportal/Home#/MessageCenter/:/messages/MC920304

Starting January 5, 2026, the Outlook for Android app will require devices to run Android 10.0 or later to continue receiving updates, security patches, and new features. Users on earlier Android versions will retain app access temporarily but will not receive further updates.

Solution: Advise users to upgrade their Android OS to version 10.0 or higher by Jan 4 to ensure ongoing support.

Ref: https://admin.cloud.microsoft/?#/MessageCenter/:/messages/MC1163756

Microsoft introduced Content Security Policy (CSP) in SharePoint as a browser-level security standard that controls which scripts, styles, images, and other resources a site is allowed to load. If a resource isn’t explicitly approved, the browser blocks it. This helps protect SharePoint sites from threats like cross-site scripting (XSS), clickjacking, and other code injection attacks.

Ref: https://techcommunity.microsoft.com/blog/spblog/sharepoint-online-content-security-policy-csp-enforcement-dates-and-guidance/4472662

Microsoft will enhance the Microsoft Authenticator app with jailbreak and root detection capabilities for Entra credentials on both iOS and Android platforms. Once this feature is active, Entra credentials on jailbroken or rooted devices will stop functioning. And any existing ones will be automatically wiped for security reasons.

Ref: https://admin.cloud.microsoft/?#/MessageCenter/:/messages/MC1179154

The Exchange Online Moderation feature allows moderators to approve or reject messages before they’re sent. Currently, this can only be done in Outlook Desktop or Outlook on the web. With the new update using Actionable Messages, moderators can now approve or reject moderated messages from any Microsoft email client, including Outlook for Windows, Mac, iOS, and Android.

Ref: https://www.microsoft.com/en-in/microsoft-365/roadmap?searchterms=492743

The Reporting Web Service for Message Trace will begin to be phased out by Feb 28, 2026.

Solution: Use the new Message Trace PowerShell cmdlets instead.

Ref: https://admin.microsoft.com/?ref=MessageCenter/:/messages/MC1092458

Microsoft is introducing soft deletion support for cloud security groups. Deleted groups can be restored for up to 30 days, along with their settings, membership, and properties. Audit logs will track deletion, restoration, and hard deletion events.

Ref: https://admin.cloud.microsoft/?#/MessageCenter/:/messages/MC1183299

Admins will be able to configure longer-term retention for Microsoft 365 backups, allowing data storage beyond one year. This feature will be available in preview by March 2026.

Ref: https://www.microsoft.com/en-us/microsoft-365/roadmap?searchterms=481834

Information Barriers v2 (IB v2) will be available by default for all new onboarding tenants. It supports up to 5,000 segments, allows users to be in up to 10 segments, and offers flexible user discoverability while enforcing IB policies.

Existing IB v1 tenants must opt in to upgrade to IB v2 to use these new capabilities. This update applies only to IB v1 customers.

Ref: https://www.microsoft.com/en-in/microsoft-365/roadmap?id=402516

Starting March 2026, Microsoft Purview will support a new Data Loss Prevention (DLP) rule action that triggers custom Power Automate workflows when a policy match occurs.

Ref: https://www.microsoft.com/en-in/microsoft-365/roadmap?id=380721

Currently, enabling email notifications in DLP policies for SharePoint and OneDrive also forces policy tips to be enabled, and vice versa. With this update, admins will be able to configure policy tips and email notifications independently, providing more flexibility in how alerts are managed.

Ref: https://www.microsoft.com/en-in/microsoft-365/roadmap?searchterms=396575

External access tokens for actionable messages will be retired on March 31, 2026, and organizations must transition to Microsoft Entra authentication to ensure continued functionality. After this date, any actionable message relying on external tokens will fail. This change strengthens security and aligns with modern identity standards.

Solution: Organizations using actionable messages should review their current implementations and update all integrations to Microsoft Entra authentication before the deadline to avoid disruptions.

Ref: https://learn.microsoft.com/en-us/outlook/actionable-messages/

The Require approved client app control in Azure Active Directory (Azure AD) Conditional Access will be retired and no longer enforced.

Solution: You can make use of the “Require app protection policy” control, which has all the same capabilities

Ref: https://techcommunity.microsoft.com/t5/microsoft-entra-azure-ad-blog/microsoft-entra-change-announcements-march-2023-train/ba-p/2967448

Microsoft will retire the legacy CDN domain publiccdn.sharepointonline.com by late April 2026. Organizations must update any hardcoded references to the new domain public-cdn.sharepointonline.com to avoid broken links or 404 errors.

Recommendation: Complete validation and updates before March 31, 2026, for uninterrupted access to SharePoint resources.

Ref: https://admin.cloud.microsoft/?#/MessageCenter/:/messages/MC1184996 8

Exchange Online will begin enforcing an External Recipient Rate (ERR) limit of 2,000 recipients within 24 hours. This restriction will apply to the cloud-hosted mailboxes of all newly created tenants.

Note: Exchange Online currently enforces a Recipient Rate limit of 10,000 recipients for cloud-hosted mailboxes. The 2,000 ERR limit will be a sublimit within this 10,000 Recipient Rate limit.

Ref: https://techcommunity.microsoft.com/t5/exchange-team-blog/exchange-online-to-introduce-external-recipient-rate-limit/ba-p/4114733

Microsoft 365 Enterprise users will automatically switch to the new Outlook for Windows, gaining access to modern features like Copilot, theming, and time-saving options such as Pinning and Snoozing emails. A toggle will be available for users to revert to the classic Outlook. Admins can prevent this automatic migration via cloud policy.

Ref: https://admin.microsoft.com/#/MessageCenter/:/messages/MC949965

SharePoint 2013 workflows will no longer be supported.

Solution: You can move to Power Automate or other supported solutions.

Ref: https://admin.microsoft.com/?ref=MessageCenter/:/messages/MC542767

SharePoint Add-Ins will stop working for existing tenants from April 2nd, 2026.

Solution: Admins can run the Microsoft 365 Assessment tool to scan their tenants for SharePoint Add-In usage.

Ref: https://admin.microsoft.com/?ref=MessageCenter/:/messages/MC693865

After April 2, 2026, existing tenants using Azure ACS for custom or third-party app access in SharePoint Online will no longer function due to its retirement.

Solution: Admins can utilize the Microsoft 365 Assessment tool to scan the tenants for any usage of Azure Access Control Service (ACS) and migrating from Azure ACS to Microsoft Entra ID.

Ref: https://learn.microsoft.com/en-us/sharepoint/dev/sp-add-ins/retirement-announcement-for-azure-acs

From Apr 02, 2026, the domain isolated web part feature will be fully retired. Organizations using this feature will receive an error message.

Solution: Update your domain isolated web parts to regular web parts and redeploy them to ensure continued functionality.

Ref: https://devblogs.microsoft.com/microsoft365dev/retiring-sharepoint-framework-domain-isolated-web-parts-for-sharepoint-online/

Exchange Online will permanently remove support for Basic authentication with Client Submission (SMTP AUTH), reaching 100% rejection of such requests by April 30, 2026.

Solution: You can start to use OAuth with Client Submission (SMTP AUTH).

Ref: https://techcommunity.microsoft.com/t5/exchange-team-blog/exchange-online-to-retire-basic-auth-for-client-submission-smtp/ba-p/4114750

Microsoft plans to make the Adaptive Protection and Data Lifecycle Management (DLM) integration generally available by late June 2026. This integration allows administrators to retain or restore items deleted by high-risk users, providing better safeguards against insider threats and accidental data loss.

Ref: https://admin.microsoft.com/Adminportal/Home#/MessageCenter/:/messages/MC791110

Microsoft is finalizing the rollout of Unified App Management for Teams, Outlook, and the Microsoft 365 app. This update simplifies app management by consolidating the separate admin experiences into a single, centralized management interface. The unified experience will be fully available to all organizations by the end of June 2026.

Ref: https://admin.microsoft.com/Adminportal/Home#/MessageCenter/:/messages/MC796790

Power Automate will integrate with Data Lifecycle Management, enabling administrators to automate actions when items reach the end of their retention period. For instance, organizations can design flows to initiate approval workflows before permanently deleting data.

Ref: https://www.microsoft.com/en-in/microsoft-365/roadmap?searchterms=117523

As part of Power Automate’s integration with Microsoft Purview Records Management, new retention actions will roll out in December 2025. At the end of a retention period, admins will be able to:

• Relabel files or emails

• Apply retention labels to SharePoint files

• Delete items across SharePoint, OneDrive, and Exchange

All retention actions will be logged in the Microsoft Purview Audit log for tracking.

Ref: https://www.microsoft.com/en-in/microsoft-365/roadmap?id=117425

Microsoft plans to make the Adaptive Protection and Data Lifecycle Management (DLM) integration generally available by late June 2026. This integration allows administrators to retain or restore items deleted by high-risk users, providing better safeguards against insider threats and accidental data loss.

Ref: https://admin.microsoft.com/Adminportal/Home#/MessageCenter/:/messages/MC791110

Microsoft is finalizing the rollout of Unified App Management for Teams, Outlook, and the Microsoft 365 app. This update simplifies app management by consolidating the separate admin experiences into a single, centralized management interface. The unified experience will be fully available to all organizations by the end of June 2026.

Ref: https://admin.microsoft.com/Adminportal/Home#/MessageCenter/:/messages/MC796790

InfoPath Client 2013 will reach the end of its extended support period on July 14, 2026, and to keep an aligned experience across Microsoft products, InfoPath Forms Service will be retired from SharePoint Online.

Solution: To understand the usage of InfoPath within your organization, you can utilize the Microsoft 365 Assessment tool to scan your tenant and analyze InfoPath usage. If you are currently using InfoPath, you can initiate the migration process to modern alternatives such as Power Apps, Power Automate, or Forms.

Ref: https://techcommunity.microsoft.com/t5/microsoft-sharepoint-blog/support-update-for-infopath-forms-services-in-microsoft-365/ba-p/3858190

Microsoft will discontinue support for SharePoint Alerts. Existing alerts can no longer be modified and will eventually stop functioning.

Solution: Microsoft recommends migrating SharePoint Alerts to Power Automate or SharePoint Rules. Use the Microsoft 365 Assessment tool to review alerts and plan the move.

Ref: https://support.microsoft.com/en-us/office/sharepoint-alerts-retirement-813a90c7-3ff1-47a9-8a2f-152f48b2486f

Microsoft is retiring legacy Education LTI tools (Teams Assignments, OneDrive, OneNote Class Notebook, Reflect) on September 17, 2026, replacing them with a unified Microsoft 365 LTI tool. Users and admins will need to transition to the Microsoft 365 LTI unified tool.

Ref: https://admin.microsoft.com/Adminportal/Home#/MessageCenter/:/messages/MC1160188

October 1, 2026, Microsoft will start blocking EWS requests from non-Microsoft apps to Exchange Online. The changes in Exchange Online do not affect Outlook for Windows or Mac, Teams, or any other Microsoft product.

Solution: Migrate your applications to Microsoft Graph to access Exchange Online data and gain access to the latest features and functionality.

Ref: https://techcommunity.microsoft.com/t5/exchange-team-blog/retirement-of-exchange-web-services-in-exchange-online/ba-p/3924440

User risk policy or Sign-in risk policy UX in Entra ID Protection (formerly Identity Protection) will be retired on October 1, 2026.

Solution: Migrate Sign-in risk and User risk policies to Conditional Access.

Ref: https://techcommunity.microsoft.com/t5/microsoft-entra-azure-ad-blog/what-s-new-in-microsoft-entra/ba-p/3796395

In October 2026, Microsoft will discontinue Publisher in Microsoft 365, with on-premises suite support ending. While support lasts, they’re exploring modern alternatives across Word, PowerPoint, and Designer for common Publisher tasks, with updates forthcoming.

Ref: https://admin.microsoft.com/?ref=MessageCenter/:/messages/MC716267

In conclusion, navigating the ever-evolving landscape of Microsoft 365 requires staying informed about the changes 🔍. By proactively adapting to these changes, you can optimize your Microsoft 365 experience, maximize productivity, and effectively plan for the future. 💪

Don’t miss out on the latest buzz in Microsoft 365! 🐝

We’re committed to keeping this blog fresh with the most current information. Stay tuned for the latest updates!

End of Support Resources for Microsoft 365: