Microsoft 365: Upcoming Changes and End-of-Support Milestones

Last updated: May 2026

Join us in this blog as we explore the dynamic world of Microsoft 365. 🌟 We’ll shed light on the features and products that are undergoing transformations or bidding farewell. Whether you’re a system administrator 🧑‍💻 managing the Microsoft 365 environment or an avid user 🙋‍♂️ staying ahead of the curve, this blog will provide invaluable insights and actionable recommendations.

🚀Discover the key changes, deprecations, and end-of-support scenarios that require your attention. From deprecated features to configuration modifications and essential upgrade plans, we’ve got you covered! Make informed decisions and ensure a smooth transition.⚡️

Note: Interested in exploring past month’s features and deprecations? Look no further! You can find a comprehensive history of all the changes in our GitHub repository.

Here is a list of changes categorized by month and year:

• May 2026 (Retirements: 5, New Features: 15, Enhancements: 4, Existing Functionality Changes: 1, Action Needed: 1, Live in May: 1)
• June 2026 (Retirements: 5, New Features: 13, Enhancements: 1, Existing Functionality Changes: 2, Action Needed: 2)
• July 2026 (Attention Needed: 15)
• August 2026 (Attention Needed: 2)
• September 2026 (Attention Needed: 5)
• Q4 2026 (Attention Needed: 9)
• 2027 (Attention Needed: 6)

Retirements: 9 | New Features: 14 | Enhancements: 3 | Existing Functionality Changes: 3 | Action Needed: 2 | Live Now: 1

As part of the Secure Future Initiative, Microsoft is deprecating the legacy IDCRL (Identity Client Run Time Library) authentication protocol in SharePoint and OneDrive for Business. Legacy authentication will be permanently blocked beginning May 1, 2026, with modern OpenID Connect and OAuth protocols taking precedence.

Solution: Organizations should transition to modern authentication as soon as possible.

Ref: https://admin.cloud.microsoft/?#/MessageCenter/:/messages/MC1184649

The “Agent registry” and “Agent collections” blades in the Entra admin center are currently used to view and manage agents in Microsoft 365. To simplify agent management through a unified platform, Microsoft is retiring these blades, along with the existing Agent Registry Graph API.

Solution: Admins should use the Agent 365 page, which serves as a unified platform to view, discover, and manage agents. Admins will also need to adopt the new API (yet to be announced) for agent registration.

Ref: https://admin.cloud.microsoft/?#/MessageCenter/:/messages/MC1275311

Microsoft is retiring a small set of Infrastructure as a Service (IaaS) and Platform as a Service (PaaS) threat detections within Microsoft Defender for Cloud Apps. This change reflects a refined focus on identity-related threats across Microsoft Entra, on-premises, and SaaS environments.

• Affected alerts and behaviors (e.g., VM creation/deletion, CloudTrail changes, storage deletions) will no longer be generated.

• Related built-in policies will be removed from the Policy management page.

• Existing alerts remain available in Alerts, Incidents, and Advanced Hunting for historical analysis.

• Links to removed policies will indicate they are deleted.

Solution: Review and update any operational processes, playbooks, or documentation that rely on these detections.

Ref: https://admin.cloud.microsoft/#/MessageCenter/:/messages/MC1254554

As Microsoft continues to invest in other Copilot capabilities, it plans to retire the Copilot-generated recap feature in Loop starting early May 2026. After this change, users will no longer be able to generate recaps using Copilot and will need to manually create and edit recaps within Loop. As a result, the recap entry point will no longer display the “with AI” label or sparkle icon. This change is irreversible and enabled by default.

Ref: https://admin.cloud.microsoft/?ref=MessageCenter/:/messages/MC1267976

Microsoft Teams will lock the “Require verification by participants (CAPTCHA)” policy starting early May 2026, preventing admins from enabling it. This marks the beginning of CAPTCHA retirement, with a transition to a default-on bot detection capability that requires organizer approval for external bots.

Ref: https://admin.cloud.microsoft/#/MessageCenter/:/messages/MC1262588

The Microsoft Defender for Endpoint mobile app is receiving continuous updates aimed at strengthening its security. These security enhancements are only available in app versions released on or after February 2026.

To ensure all devices remain protected with the latest security updates, Microsoft will retire older versions of the Defender for Endpoint mobile app released prior to February 2026 on both iOS and Android. After May 9, 2026, users relying on older versions will no longer be able to connect to Microsoft Defender cloud services or receive security updates.

Solution: Upgrade to the supported versions, such as:

• Android: version 1.0.8605.0101

• iOS: version 1.1.73270102

Ref: https://admin.cloud.microsoft/?#/MessageCenter/:/messages/MC1276511

External access tokens for actionable messages will be retired on May 15, 2026, and organizations must transition to Microsoft Entra authentication to ensure continued functionality. After this date, any actionable message relying on external tokens will fail. This change strengthens security and aligns with modern identity standards.

Solution: Organizations using actionable messages should review their current implementations and update all integrations to Microsoft Entra authentication before the deadline to avoid disruptions.

Ref: https://admin.cloud.microsoft/#/MessageCenter/:/messages/MC1189663

In preparation for the full retirement of InfoPath Forms Services on July 14, 2026, Microsoft will prevent the publication of any new or updated InfoPath forms starting May 18, 2026. This change applies to all Microsoft 365 environments, including Government Clouds (GCC, GCC High, and DoD). Existing published forms will remain accessible but cannot be modified or republished.

Solution: Run the Microsoft 365 Assessment tool to identify InfoPath usage and migrate to Power Apps, Power Automate, or Microsoft Forms before the retirement date.

Ref: https://admin.cloud.microsoft/#/MessageCenter/:/messages/MC1255407

To reduce overlap and focus development efforts on Microsoft Outlook Mobile, Microsoft will retire the Outlook Lite app for mobile. The complete retirement is scheduled for May 25, 2026. After this date, users may still be able to launch the app, but mailbox access will be disabled.

Solution: Move to the Microsoft Outlook Mobile app, which offers full mailbox functionality along with enhanced compliance capabilities.

Ref: https://admin.cloud.microsoft/?#/MessageCenter/:/messages/MC1276508

Microsoft has announced the official launch of Microsoft 365 E7, a new premium licensing tier arriving May 1, 2026. Priced at $99 per user per month, the E7 suite is designed to securely govern AI agents with advanced security and compliance controls at an enterprise level.

E7 serves as a comprehensive bundle, unifying the existing Microsoft 365 E5 foundation with Microsoft 365 Copilot, the new Agent 365 governance platform, and the full Microsoft Entra Suite. This consolidation offers approximately 15% savings compared to purchasing these components individually.

Ref: https://partner.microsoft.com/en-US/blog/article/agent-365-announcement?wt.mc_id=mxhr8c6r8v

A new feature called “Brand Impersonation Protection for Teams calling” will be introduced. This feature detects and warns users about fraudulent external callers impersonating trusted organizations.

Users will see a warning and can choose to accept, block, or end the call. The feature will be enabled by default and will evaluate incoming VoIP calls from first-time external callers.

Ref: https://admin.cloud.microsoft/?#/MessageCenter/:/messages/MC1219793

A new Entra ID Account Recovery feature is being introduced to help users recover access to organizational accounts if all registered authentication methods are lost. Unlike a standard password reset, this feature securely verifies the user’s identity and re-establishes trust before allowing new authentication methods to be set up.

Ref: https://www.microsoft.com/en-in/microsoft-365/roadmap?filters=&searchterms=529856

Microsoft Teams meeting recordings will automatically inherit the meeting’s sensitivity label when label inheritance is enabled. This ensures that access controls, data protection policies, and agent responses based on meeting transcript respect the meeting’s sensitivity classification end to end.

Ref: https://www.microsoft.com/en-in/microsoft-365/roadmap?id=557178

Teams will soon allow users to chat with external contacts using their email addresses, even if those contacts do not have a Teams account. External users will receive an invitation to join as guests. This experience, which will be in General availability follows your organization’s B2B Guest policy and will be enabled by default.

Admins can disable chat with anyone using an email address by setting UseB2BInvitesToAddExternalUsers as false in Set-CsTeamsMessagingPolicy cmdlet.

Ref: https://admin.cloud.microsoft/?ref=MessageCenter/:/messages/MC1182004

Microsoft will enable admins to define rules for Copilot agent lifecycle management. Admins can configure automation for various scenarios, such as:

1. Automatically blocking risky agents
2. Automatically deleting inactive agents
3. Automatically reassigning ownerless agents to their managers

This capability helps streamline governance and ensures better control over Copilot agents throughout their lifecycle.
Ref: https://www.microsoft.com/en-in/microsoft-365/roadmap?searchterms=481518#Roadmap

Viva Engage communities will be integrated into Microsoft Teams, enabling discoverable conversations, unified navigation, synced memberships, and enhanced admin controls. The feature is enabled by default, and administrators can disable it if required.

It is available to all Microsoft Teams customers with a standard Microsoft 365 and Teams license, with no additional licensing required.

Ref: https://admin.cloud.microsoft/?#/MessageCenter/:/messages/MC1218423

A new SharePoint experience is being introduced with a streamlined design and better navigation to help users discover content, publish information, and build solutions more efficiently. The update also includes AI-assisted capabilities, which require a Microsoft 365 Copilot license.
This experience introduces a redesigned SharePoint app bar with options such as Discover, Publish, Build, OneDrive, and Home. It also brings refreshed pages, news, libraries, and lists to improve content visibility while preserving existing site branding. The targeted release is scheduled to begin in early May 2026.

Ref: https://admin.cloud.microsoft/?#/MessageCenter/:/messages/MC1240699

Microsoft is introducing Copilot-powered AI for creating and editing SharePoint pages, enabling admins and content authors to produce high-quality pages more efficiently. With a Copilot license, users can leverage natural language prompts to create, refine, and update page content through an AI-powered authoring panel.

Ref: https://admin.cloud.microsoft/?#/MessageCenter/:/messages/MC1282683

Starting May 2026, Microsoft Entra ID introduces passkey profiles and synced passkeys to General Availability (GA) for tenants with Passkeys (FIDO2) enabled. This update brings a new passkeyType property, allowing admins to configure device-bound, synced, or both types of passkeys, along with support for group-based configurations.

Tenants that do not opt in during the rollout window will be automatically migrated to a default passkey profile. Existing configurations will be carried over, and no new authentication methods will be enabled.

Ref: https://admin.cloud.microsoft/?#/MessageCenter/:/messages/MC1221452

Microsoft previously announced support for passkeys (FIDO2) in Microsoft Entra Registration Campaigns. The latest update confirms that passkeys will continue to be a supported and prioritized authentication method. They will remain available in the Enabled state and will also be introduced under the Microsoft-managed state for eligible tenants.

As part of this update, Microsoft will automatically update certain campaign settings and start prompting users to register passkeys during sign-in after completing MFA.

Ref: https://admin.cloud.microsoft/?#/MessageCenter/:/messages/MC1279092

Beginning mid-May 2026, Exchange Online introduces a new PowerShell cmdlet to change meeting organizer for single meetings or recurring series. This helps maintain continuity during offboarding or role changes, without requiring attendees to respond again to the meeting.

Once transferred, the new organizer gains full control of the event, including recurrence, description, and attendees. Meetings for internal attendees are updated silently, while external attendees receive updated invites and must accept again.

The feature is enabled by default, preserves meeting history, and future support is planned in Outlook and Teams interfaces.

Ref: https://admin.cloud.microsoft/#/MessageCenter/:/messages/MC1227623

Custom AI skills are being introduced in SharePoint Online, allowing users to build and reuse structured AI tasks saved as Markdown files within the Agent Assets library. SharePoint AI can automatically identify and apply relevant skills based on a user’s query, or users can manually invoke a skill by name.

With this capability, users can guide AI to perform routine tasks, such as reviewing documents or organizing content in a consistent way without the need for code or external integrations. This feature is enabled by default, does not include a tenant-level toggle, and will reach general availability by late May 2026.

Ref: https://admin.cloud.microsoft/?#/MessageCenter/:/messages/MC1269209

Microsoft is introducing enhanced targeting capabilities for sensitivity label policies in Microsoft Purview. Admins will be able to exclude modern Microsoft 365 groups and include dynamic, non-mail-enabled security groups when assigning labels. This enhancement provides greater flexibility and precision in policy targeting. The feature is about to reach general availability by late May 2026.

Ref: https://www.microsoft.com/en-in/microsoft-365/roadmap?id=558685

As AI agents become more common in Microsoft 365, associated risks also continue to rise. Microsoft will extend Insider Risk Management to cover AI agents, enabling admins to define policies specifically for agent-driven activities. This enhancement helps detect, flag, or block risky behaviors when AI agents access sensitive data or perform high-risk actions across platforms like Copilot Studio, Azure AI Foundry, and Agent 365.

Ref: https://www.microsoft.com/en-in/microsoft-365/roadmap?filters=&searchterms=516032

Microsoft Purview will allow admins to configure hard deletion in priority cleanup policies for SharePoint and OneDrive content, enabling items to bypass recycle bins during cleanup.

Ref: https://www.microsoft.com/en-in/microsoft-365/roadmap?id=558343

Previously, retention policies could delete content based on conditions such as ‘When items were created’ or ‘When items were last modified’. Microsoft is now enhancing Data Lifecycle Management by introducing a new “When items were last accessed” condition for retention policies.

This feature allows admins to manage and automatically clean up OneDrive and SharePoint content based on access history. It improves storage hygiene and helps optimize Microsoft 365 Copilot responses.

Ref: https://admin.microsoft.com/Adminportal/Home#/MessageCenter/:/messages/MC999442

Starting May 2026, Windows Autopatch will enable hotpatch updates by default for eligible Intune devices, delivering security updates without requiring restarts. Devices must meet prerequisites like enabling Virtualization-based Security (VBS). Restarts will occur only during baseline months, and admins can opt out using settings available from April 2026.

Ref: https://admin.cloud.microsoft/#/MessageCenter/:/messages/MC1248388

Currently, when a synced file is deleted from OneDrive via the web, it is sent to both the SharePoint/OneDrive Recycle Bin and the local device’s Recycle Bin or Trash. While this may assist with recovery, it also consumes local disk space and can trigger unnecessary re-downloads and re-sync operations during restoration.

Microsoft is now updating this behavior. Starting early – May 2026, files deleted from OneDrive through the web or browser will no longer appear in the local Recycle Bin on synced devices. These files can be restored only from the OneDrive or SharePoint Recycle Bin.

Note: Cloud-only files will remain unaffected. Files deleted locally on a device will continue to appear in the local Recycle Bin or Trash as they do today.

Ref: https://admin.cloud.microsoft/?ref=MessageCenter/:/messages/MC1269861

Microsoft Purview eDiscovery will restrict certain special characters, such as “+, =, @, /, and *” in naming and description fields for new or edited cases, holds, searches, and review sets.

If users include these characters, they will be prompted to remove them from the fields. Existing names and descriptions will remain unchanged until the user chooses to edit them.

Ref: https://admin.cloud.microsoft/?#/MessageCenter/:/messages/MC1282562

Microsoft Teams on the web will require support for modern browser standards, including ECMAScript 2022 (ES2022). Users accessing Teams through unsupported browsers will see reminder banners until May 14, 2026, after which access will be blocked starting May 15, 2026.

This change is enabled by default and does not impact Teams desktop or mobile clients. Unsupported browsers may cause sign-in interruptions due to Conditional Access policy enforcement.

Solution: Ensure users access Microsoft Teams on the web using browser versions that support ECMAScript 2022 (ES2022).

Ref: https://admin.cloud.microsoft/?#/MessageCenter/:/messages/MC1230888

The retirement of Office 365 Connectors in Microsoft Teams has been finalized, with full decommissioning planned from May 18, 2026.

Solution: Plan and complete the transition from Office 365 Connectors to Workflows webhooks before the deadline to avoid disruption.

Ref: https://devblogs.microsoft.com/microsoft365dev/retirement-of-office-365-connectors-within-microsoft-teams/

This update was released in April and is now available for you to start using.

Microsoft started rolling out a modernized change management model in mid-April 2026, giving IT teams greater control over how and when updates are adopted. It introduces flexible release audiences: Frontier (early access), Standard (default), and Deferred (30-day delay) to better align with organizational readiness and governance needs.

Message center communications have also been enhanced with more structured and actionable updates, helping admins clearly understand impact, required actions, and compliance considerations. In addition, AI-powered insights are now available through the Microsoft MCP Server, enabling natural language access to trusted roadmap, Message center, and service health data.

Ref: https://admin.cloud.microsoft/?#/MessageCenter/:/messages/MC1282306

To streamline app management and focus on a fully supported web experience, Microsoft will retire the Sway Windows desktop app.

Solution: Users should switch to the web version at sway.cloud.microsoft, which provides the same features, preserves all content, and offers improved accessibility and updates.

Ref: https://admin.cloud.microsoft/?#/MessageCenter/:/messages/MC1213784

Microsoft will retire the Outlook for Windows reports from the Exchange admin center. To streamline and improve the reporting experience, this report will be removed automatically, with no option to opt out.

Solution: Admins can continue accessing Outlook for Windows usage insights through the Microsoft 365 admin center under Reports > Usage > Microsoft 365 Apps > Usage > Outlook for Windows

Ref: https://admin.cloud.microsoft/?#/MessageCenter/:/messages/MC1230889

Microsoft is retiring Teams Live Events and related Microsoft Graph APIs on June 30, 2026. Existing live events will continue to function until February 28, 2027, but customers will no longer be able to schedule new Teams Live Events, including through Dynamics 365, after the retirement date. The isBroadcast property in the onlineMeeting Graph resource will remain available only until June 30, 2026.

Solution: Migrate to Teams town halls and updated Teams meeting Graph APIs, and update workflows or applications that depend on the isBroadcast property by June 29, 2026.

Ref: https://admin.cloud.microsoft/?#/MessageCenter/:/messages/MC1226495

To modernize Viva Connections, Microsoft will retire the Assignments and Courses adaptive card extensions (ACEs) and their SharePoint dashboard web parts for Education tenants. These SPFx components currently surface assignment and course information on the dashboard, and their removal aims to reduce redundancy and streamline the user experience. Also, the existing components will reach the end of support on June 30, 2026.

Ref: https://admin.cloud.microsoft/?#/MessageCenter/:/messages/MC1184647

Microsoft Teams currently supports certain external apps and hardware, such as meeting control devices and third-party tools to control meetings and calls through an unsupported approach.

Starting June 30, 2026, Microsoft will retire this capability completely. After this change, these external tools will no longer be able to control Teams meetings or calls, and the related privacy setting in the Teams desktop client will also be removed.

This update only affects organizations relying on such integrations. Native Teams functionality will continue to work as expected, and supported integration models will remain available.

Ref: https://admin.cloud.microsoft/?#/MessageCenter/:/messages/MC1266901

Microsoft will introduce a new DLP action that can trigger custom Power Automate workflows when an item reaches the end of its retention period.

Admins can use this capability to automate complex disposition processes, such as initiating approval workflows or moving files to an archive after the retention period expires.

Ref: https://www.microsoft.com/en-in/microsoft-365/roadmap?searchterms=558859

Microsoft will introduce new pre-built templates for data security investigations in Microsoft Purview. Instead of building queries from scratch, admins can use these templates to quickly scope and initiate investigations.

Ref: https://www.microsoft.com/en-in/microsoft-365/roadmap?searchterms=560326#Roadmap

A Governance Reviews Dashboard (Private Preview) will be introduced to consolidate all site governance tasks into a single unified view. With this dashboard, site owners can track pending reviews, such as inactivity checks, ownership validation, and attestation requirements across all managed sites.

It provides clear visibility into required actions, deadlines, and enforcement status, enabling faster responses without switching between multiple tools. By consolidating policy notifications into one place, it reduces reliance on scattered email alerts and delivers a more streamlined, action-oriented governance experience.

Ref: https://www.microsoft.com/en-in/microsoft-365/roadmap?searchterms=560541#Roadmap

Microsoft will introduce a new report in the Teams admin center called the “Security Detection Report.” This report enables admins to review detection activities such as impersonation attempts, malicious URL detection, and identification of weaponizable file types.

Admins can also export detailed data from this centralized view for further investigation and analysis.

Ref: https://www.microsoft.com/en-in/microsoft-365/roadmap?searchterms=560702#Roadmap

Microsoft Teams is introducing automatic detection of external meeting assistant bots, providing organizations with greater visibility and control over automated participants. When a bot attempts to join a meeting, it will be clearly labeled in the lobby, allowing organizers to approve, block, or remove it.

Additionally, a new admin policy will enable administrators to define how such bots are handled across the organization. This feature will be enabled by default for all tenants, with rollout in general availability by mid-June 2026.

Ref: https://admin.cloud.microsoft/?#/MessageCenter/:/messages/MC1251206

Microsoft will introduce a new option in Microsoft Purview Data Loss Prevention (DLP) for SharePoint and OneDrive called “File Quarantine.” When configured, any file that violates a DLP policy will be automatically moved to an admin-defined quarantine location.

A tombstone file will be placed in the original location to inform users about the quarantine action, along with an admin-defined message. Admins can monitor these activities through Audit logs, DLP alerts, and Activity Explorer.

Ref: https://admin.cloud.microsoft/?#/MessageCenter/:/messages/MC1288527

Currently, admins must manually select and maintain SharePoint sites within DLP policies. To reduce this effort, Microsoft will introduce adaptive scopes for SharePoint DLP policies.

With a Microsoft 365 E5 or E5 Compliance license (add-on), admins can dynamically target SharePoint sites based on specific attributes such as URL, name, or metadata. This feature is not enabled by default and requires admins to configure adaptive scopes within DLP policies. Also, it will be out for general availability by early June 2026.

Ref: https://admin.cloud.microsoft/?#/MessageCenter/:/messages/MC1234571

Teams Rooms on Android, Teams phones, Teams panels, and Teams displays will be managed through the Pro Management Portal (PMP) instead of the Teams Admin Center, unifying device management in one place.

As part of this transition, device inventory and health data will automatically appear in PMP. Admins performing management actions in TAC will be redirected to the new portal experience. The rollout is expected to reach general availability across Worldwide and GCC environments by early June 2026.

Ref: https://admin.cloud.microsoft/?#/MessageCenter/:/messages/MC1227622

Microsoft will introduce a new feature called recipient groups for eSignature requests in Microsoft Word. This allows users to assign a group of up to 10 recipients for signing. Once any one recipient in the group completes the signature, the requirement is fulfilled.

This approach helps reduce delays by avoiding dependency on a single individual to complete the signing process. The feature will be enabled by default.

Ref: https://admin.cloud.microsoft/?#/MessageCenter/:/messages/MC1290821

Starting early June 2026, Microsoft Purview introduces a new Data Security Posture Management (DSPM) experience, unifying visibility across traditional and AI-driven data with guided workflows to prioritize risks and accelerate remediation. It also adds AI observability, enhanced reporting, and Security Copilot agents to automate tasks like triage and policy management.

The new experience is available alongside DSPM (classic) and DSPM for AI (classic), with no default policy changes and existing onboarding configurations carried over.

Ref: https://admin.cloud.microsoft/#/MessageCenter/:/messages/MC1191257

Microsoft plans to make the Adaptive Protection and Data Lifecycle Management (DLM) integration generally available by late June 2026. This integration allows administrators to retain or restore items deleted by high-risk users, providing better safeguards against insider threats and accidental data loss.

Ref: https://admin.microsoft.com/Adminportal/Home#/MessageCenter/:/messages/MC791110

Microsoft is finalizing the rollout of Unified App Management for Teams, Outlook, and the Microsoft 365 app. This update simplifies app management by consolidating the separate admin experiences into a single, centralized management interface. The unified experience will be fully available to all organizations by the end of June 2026.

Ref: https://admin.microsoft.com/Adminportal/Home#/MessageCenter/:/messages/MC796790

Admins will have the ability to permanently delete sensitive Exchange mailbox content, bypassing retention policies and eDiscovery holds. This will be possible through the “Priority Cleanup Administrator” role, which grants authorized users’ permission to initiate Priority Cleanup for Exchange, allowing exceptions to standard retention and legal hold policies.

Since this process is irreversible and overrides existing policies, Microsoft has built-in approvals and special auditing for security.

Ref: https://www.microsoft.com/en-in/microsoft-365/roadmap?filters=&searchterms=392838

Outlook on the web and the new Outlook for Windows will receive enhanced Mail Merge (Advanced) capabilities. With this update, users will be able to insert dynamic fields into email templates, enabling more personalized and customized communication at scale.

This enhancement simplifies the process of tailoring messages, making it more efficient to send targeted and professional emails.

Ref: https://www.microsoft.com/en-us/microsoft-365/roadmap?filters=&searchterms=423047

Starting June 1, 2026, Microsoft will disable email notifications for expiring Teams meeting recordings. This change aims to reduce notification fatigue and improve relevance based on customer feedback. While email notifications are removed, the underlying recording expiration and deletion policies remain unchanged.

Ref: https://admin.cloud.microsoft/#/MessageCenter/:/messages/MC1245635

Currently, enabling email notifications in DLP policies for SharePoint and OneDrive also enforces policy tips, and vice versa. With this update, Microsoft introduces the ability to configure policy tips and email notifications independently, providing greater flexibility in how alerts are managed.

This feature will be available in general availability by early June 2026.

Ref: https://admin.cloud.microsoft/?#/MessageCenter/:/messages/MC791114

Microsoft is ending the sale of standalone SharePoint Online Plan 1 and Plan 2 and OneDrive for Business Plan 1 and Plan 2. Starting June 1, 2026, new customers will no longer be able to purchase these standalone plans.

Solution: Move to Microsoft 365 suite offerings such as Business Basic, Business Standard, Business Premium, E1, E3, or E5 for continued service availability.

Ref: https://learn.microsoft.com/en-us/partner-center/announcements/2026-january#retirement-of-standalone-sharepoint-online-and-onedrive-for-business-plans-plan-1-and-plan-2

Microsoft will block Exchange Web Services access for mailboxes that do not include EWS usage rights starting June 30, 2026. After enforcement, requests made without a supported license will return an HTTP 403 error. Impacted licenses include Exchange Online Kiosk, Microsoft 365/Office 365 F1, and F3.

Solution: To continue using EWS, assign a license that includes EWS access, such as Exchange Online Plan 1 or 2 or Microsoft 365 E3/E5.

Ref: https://techcommunity.microsoft.com/blog/exchange/update-to-ews-access-for-kiosk–frontline-worker-licensed-users/4474299

Starting July 1, 2026, Microsoft will implement a global price increase across all Microsoft 365 plans. Prices will increase by 5% to 33%, depending on the SKU. The increase reflects ongoing investments in AI capabilities, security enhancements, and advanced management features.

Alongside the price increase, Microsoft is adding value to select plans:

• Microsoft 365 Business Premium will receive an additional 50 GB of email storage at no extra cost.
• Advanced Microsoft Intune capabilities will be included with Microsoft 365 E3 and E5 subscriptions.
• Microsoft will include Security Copilot in E5 subscriptions at no additional cost.

Ref: https://www.microsoft.com/en-us/microsoft-365/blog/2025/12/04/advancing-microsoft-365-new-capabilities-and-pricing-update/

Microsoft is updating DNS provisioning for new Accepted Domains to support DNSSEC adoption. Starting July 1, 2026, A records for newly added Accepted Domains will be created under mx.microsoft subdomains instead of mail.protection.outlook.com.

Organizations using automation or workflows that rely on mail.protection.outlook.com for MX record configuration may experience mail flow issues unless updated. Going forward, the List serviceConfigurationRecords Microsoft Graph API will become the authoritative source for retrieving MX record values.

Solution: Update domain provisioning or MX record automation to use the List serviceConfigurationRecords Graph API instead of relying on mail.protection.outlook.com before July 1, 2026.

Ref: https://admin.cloud.microsoft/?#/MessageCenter/:/messages/MC1048624

Microsoft will discontinue support for SharePoint Alerts. Existing alerts can no longer be modified and will eventually stop functioning.

Solution: Microsoft recommends migrating SharePoint Alerts to Power Automate or SharePoint Rules. Use the Microsoft 365 Assessment tool to review alerts and plan the move.

Ref: https://support.microsoft.com/en-us/office/sharepoint-alerts-retirement-813a90c7-3ff1-47a9-8a2f-152f48b2486f

Microsoft 365 Archive will support file-level archiving in SharePoint, enabling more granular retention and storage control. This feature will reach general availability in July 2026.

Ref: https://www.microsoft.com/en-in/microsoft-365/roadmap?id=477371

Previously, auto-expanding archive mailboxes were limited to 1.5 TB, after which they would stop working. This limit has now been removed, allowing archive mailboxes to grow beyond 1.5 TB automatically to support ongoing retention needs.

This feature follows a consumption-based pricing model for storage beyond 1.5 TB, costing $0.25 per GB per month (or $0.0082 per GB per day).

Ref: https://www.microsoft.com/en-US/microsoft-365/roadmap?filters=&searchterms=560820#Roadmap

Starting July 2026, Microsoft will retire SharePoint’s One-Time Passcode (OTP) authentication and transition all external sharing to Microsoft Entra B2B. External users who previously accessed content using OTP will receive access denied unless a corresponding guest account exists.

• All external access shifts to Microsoft Entra B2B, enforcing Conditional Access, Identity Protection, and centralized guest governance.
• Authentication, invitations, and audit tracking move from SharePoint OTP to Entra B2B and its audit logs.
• Existing “specific people” links may fail for users without a corresponding guest account.

Solution: Create a guest account in Entra B2B or have an internal user re-share content to automatically provision the guest account and restore access.

Ref: https://admin.cloud.microsoft/#/MessageCenter/:/messages/MC1243549

Exchange Online PowerShell is deprecating the -Credential parameter as it relies on the legacy ROPC authentication flow that does not support MFA or Conditional Access. This change applies to both the Connect-ExchangeOnline and Connect-IppsSession cmdlets.

Solution: Move to secure authentication methods such as interactive sign-in, app-only authentication, or managed identity authentication when connecting to Exchange Online PowerShell.

Ref: https://techcommunity.microsoft.com/blog/exchange/deprecation-of-the–credential-parameter-in-exchange-online-powershell/4494584

Microsoft Teams is introducing a centralized evaluation experience in the Teams admin center to simplify app and agent approval decisions. Administrators can define organizational trust requirements once, after which Teams will automatically generate evaluation scores and detailed assessment reports for apps and agents based on compliance and security criteria.

The evaluation score settings will be available under Teams admin center → Teams apps, allowing admins to review, sort, and filter apps using trust and compliance insights. This feature is enabled by default and does not change existing app enablement or blocking behavior.

Ref: https://admin.cloud.microsoft/?#/MessageCenter/:/messages/MC1218713

Microsoft Defender for Office 365 is improving how promotional emails are handled by tagging them as “promotions” and optionally moving them to a dedicated Promotions folder.

If the “Bulk moves enabled” setting is turned on, tagged emails will automatically move to the Promotions folder. Users can also create inbox rules based on the promotions tag, and the system will continue learning from user behavior to improve accuracy. It will be out in general availability by early July 2026.

Ref: https://admin.cloud.microsoft/?#/MessageCenter/:/messages/MC1279093

Due to low usage, Microsoft will remove the noise suppression toggle from video playback controls for videos stored in OneDrive and SharePoint.

All other video and audio playback features will remain available without any changes.

Ref: https://admin.cloud.microsoft/?#/MessageCenter/:/messages/MC1272549

The Top domain mail flow status report in the Exchange Admin Center currently provides insights into inbound and outbound mail flow.

Microsoft will retire this report on July 6, 2026, as part of efforts to modernize reporting and introduce more flexible options. After this date, the report will no longer be available, and admins will need to use alternative methods to monitor mail flow.

Ref: https://learn.microsoft.com/en-us/exchange/monitoring/mail-flow-reports/mfr-top-domain-mailflow-status-report

InfoPath Client 2013 will reach the end of its extended support period on July 14, 2026, and to keep an aligned experience across Microsoft products, InfoPath Forms Service will be retired from SharePoint Online.

Solution: To understand the usage of InfoPath within your organization, you can utilize the Microsoft 365 Assessment tool to scan your tenant and analyze InfoPath usage. If you are currently using InfoPath, you can initiate the migration process to modern alternatives such as Power Apps, Power Automate, or Forms.

Ref: https://techcommunity.microsoft.com/t5/microsoft-sharepoint-blog/support-update-for-infopath-forms-services-in-microsoft-365/ba-p/3858190

Microsoft will retire SharePoint Designer 2013 in accordance with the Microsoft Fixed Lifecycle Policy to support the transition toward modern workflow automation and customization experiences. After July 14, 2026, Microsoft will no longer provide technical support, security updates, or product fixes, and no extensions or exceptions will be available.

Solution: Use SharePoint Migration Tool (SPMT) 4.1 to assess existing workflows and migrate them to Power Automate by July 13, 2026.

Ref: https://admin.cloud.microsoft/?#/MessageCenter/:/messages/MC1230891

Starting late July 2026, Microsoft Teams will support Planner tabs in Shared and Private channels, enabling users to add new or existing plans directly for seamless task tracking. The feature will be turned on by default.

Users can add Planner via the “+” tab experience, with plans inheriting channel permissions and Microsoft 365 compliance controls. Existing Planner behavior remains unchanged, and all data continues to follow current storage and retention policies.

Ref: https://admin.cloud.microsoft/#/MessageCenter/:/messages/MC1262590

Microsoft is expanding Planner integration within Teams by enabling Planner tabs in both Shared and Private channels. Starting mid-May 2026, users can add new or existing plans directly to these environments, allowing for seamless task management within the channel. The feature is enabled by default.

Users can add Planner via the “+” tab experience, with plans inheriting channel permissions and Microsoft 365 compliance controls. Existing Planner behavior remains unchanged, and all data continues to follow current storage and retention policies.

Ref: https://admin.cloud.microsoft/#/MessageCenter/:/messages/MC1262590

Microsoft Defender Threat Intelligence will merge with Microsoft Defender and Microsoft Sentinel by August 1, 2026, bringing threat intelligence directly into the SecOps workflow. After the transition, threat insights will be available through the Microsoft Defender portal, with enhanced Threat Analytics that include:

• Indicators of Compromise (IoCs) integrated into reports
• MITRE ATT&CK mappings for tactics and techniques
• Insights into threat actors and targeted industries
• IoCs linked to cases for Microsoft Sentinel customers

After August 1, 2026, accessing MDTI capabilities will require an active Microsoft Defender or Microsoft Sentinel license.

Solution: Plan your transition to Microsoft Defender or Microsoft Sentinel before the deadline and review licensing to ensure uninterrupted access to MDTI capabilities.

Ref: https://admin.cloud.microsoft/?#/MessageCenter/:/messages/MC1192257

Application accounts are accounts that exist directly within applications and are often created outside of Microsoft Entra ID. These may include local or orphaned accounts that are not centrally managed, making it difficult to track access and enforce governance.

Microsoft Entra ID Governance introduces Account Discovery to help administrators identify these accounts across connected applications. It can detect local and orphaned accounts and match them with Microsoft Entra ID users, improving visibility and access control.

Ref: https://admin.cloud.microsoft/?#/MessageCenter/:/messages/MC1287372

Microsoft is upgrading the backend service that supports Captions & Subtitles in PowerPoint. As a result, users running Microsoft 365 PowerPoint app versions earlier than 16.0.19426.20218 (Windows) or 16.103.1207.4 (macOS) will lose access to caption and subtitle features after the update.

Solution: Update PowerPoint clients to Windows (Win32) 16.0.19426.20218 or macOS 16.103.1207.4 or later.

Ref: https://admin.cloud.microsoft/?#/MessageCenter/:/messages/MC1231437

Read Aloud, Transcription, and Dictation features in Microsoft 365 Office apps will stop working on versions earlier than 16.0.18827.20202 because of backend upgrades. This change takes effect after September 2026 for Worldwide tenants and November 2026 for GCC, GCC High, and DoD environments.

Solution: Update all Office apps to 16.0.18827.20202 or later before the deadline.

Ref: https://admin.cloud.microsoft/?#/MessageCenter/:/messages/MC1127222

Microsoft is retiring legacy Education LTI tools (Teams Assignments, OneDrive, OneNote Class Notebook, Reflect) on September 17, 2026, replacing them with a unified Microsoft 365 LTI tool. Users and admins will need to transition to the Microsoft 365 LTI unified tool.

Ref: https://admin.microsoft.com/Adminportal/Home#/MessageCenter/:/messages/MC1160188

Microsoft is officially retiring Conditional Access Custom Controls on September 30, 2026. This legacy preview feature is being replaced by External MFA, a more robust and integrated framework for third-party MFA providers.

Solution: Admins should migrate to External MFA before the retirement date to avoid disruption.

Ref: https://techcommunity.microsoft.com/blog/microsoft-entra-blog/external-mfa-in-microsoft-entra-id-is-now-generally-available/4488926

Microsoft is updating the default storage location for whiteboards created in Teams Channel tabs. Starting in late Sep 2026, these files will be stored in the channel’s associated SharePoint site instead of the creator’s OneDrive. Enabled by default, this change prevents access issues caused by sharing settings, Information Barriers, and Conditional Access policies.

With this update, Whiteboards inherit SharePoint-based Microsoft Purview controls such as DLP, sensitivity labels, retention, eDiscovery, and audit logging, while also improving centralized compliance monitoring and reporting.

Ref: https://admin.cloud.microsoft/#/MessageCenter/:/messages/MC1253753

Microsoft is introducing Just-in-Time protection for SharePoint in Microsoft Purview Data Loss Prevention in preview.

With this feature, organizations can automatically apply DLP restrictions to unclassified files when they are accessed or shared externally. Instead of restricting files in advance, JIT protection enforces security measures only when there is a risk of data leaving the organization.

Ref: https://www.microsoft.com/en-us/microsoft-365/roadmap?searchterms=139457

October 1, 2026, Microsoft will start blocking EWS requests from non-Microsoft apps to Exchange Online. The changes in Exchange Online do not affect Outlook for Windows or Mac, Teams, or any other Microsoft product.

Solution: Migrate your applications to Microsoft Graph to access Exchange Online data and gain access to the latest features and functionality.

Ref: https://techcommunity.microsoft.com/t5/exchange-team-blog/retirement-of-exchange-web-services-in-exchange-online/ba-p/3924440

User risk policy or Sign-in risk policy UX in Entra ID Protection (formerly Identity Protection) will be retired on October 1, 2026.

Solution: Migrate Sign-in risk and User risk policies to Conditional Access.

Ref: https://techcommunity.microsoft.com/t5/microsoft-entra-azure-ad-blog/what-s-new-in-microsoft-entra/ba-p/3796395

In October 2026, Microsoft will discontinue Publisher in Microsoft 365, with on-premises suite support ending. While support lasts, they’re exploring modern alternatives across Word, PowerPoint, and Designer for common Publisher tasks, with updates forthcoming.

Ref: https://admin.microsoft.com/?ref=MessageCenter/:/messages/MC716267

Microsoft Entra ID is enforcing a stricter Content Security Policy (CSP) for sign-ins starting mid-October 2026. Only trusted Microsoft scripts will be allowed, blocking injected code to reduce XSS risks. This applies to browser-based sign-ins on login.microsoftonline.com and does not affect Entra External ID tenants.

Solution: If you use tools or extensions that inject code, switch to non-injecting alternatives and test sign-in flows before CSP enforcement begins.

Ref: https://admin.cloud.microsoft/?#/MessageCenter/:/messages/MC1191924

Microsoft will retire Office LTSC 2021, Visio LTSC 2021, Microsoft Project LTSC 2021, and a few other products on October 13, 2026.

To continue receiving support and updates, Microsoft recommends upgrading to a Microsoft 365 or Office 365 plan that includes Microsoft 365 Apps. If a fully offline solution is required, upgrading to Office LTSC 2024 is recommended, which will be supported until October 2029.

Ref: https://admin.cloud.microsoft/?#/MessageCenter/:/messages/MC1278920

Microsoft will retire Microsoft Entra Privileged Identity Management Iteration 2 (beta) APIs on October 28, 2026. After this date, applications and scripts using these APIs will fail because the endpoints will no longer return data.

Solution: Migrate to the Iteration 3 (GA) APIs, which are fully supported and more reliable. Stop new development on Iteration 2 APIs and begin migration planning.

Ref: https://admin.cloud.microsoft/?#/MessageCenter/:/messages/MC1181281

Starting in December 2026, organizations will be able to select how long Message Trace data is retained by choosing from a set of predefined retention periods. This enhancement gives admins greater flexibility to align log retention with their compliance, audit, and operational requirements.

Ref: https://www.microsoft.com/en-in/microsoft-365/roadmap?id=542929

SMTP AUTH Basic Authentication will be disabled by default for existing tenants by Dec end, though admins can enable it if required.

Solution:

• Migrate applications and devices to OAuth-based authentication.

• Use alternatives such as High-Volume Email for Microsoft 365, Azure Communication Services for Email, or an on-premises Exchange.

Ref: https://techcommunity.microsoft.com/blog/exchange/updated-exchange-online-smtp-auth-basic-authentication-deprecation-timeline/4489835

Dynamics 365 Guides and Dynamics 365 Remote Assist will retire on December 31, 2026. After this date, the products will no longer receive security updates, bug fixes, or technical support.

Solution: Customers should plan their transition early by identifying dependent users and scenarios. Explore alternative mixed reality solutions available in the Microsoft Marketplace, and consider Microsoft Teams Mobile with spatial annotation for certain remote collaboration use cases.

Ref: https://learn.microsoft.com/en-us/lifecycle/announcements/dynamics-365-guides-remote-assist-end-of-support

Microsoft will disable Basic Authentication with Client Submission (SMTP AUTH) by default starting January 2027. OAuth will be the supported authentication method.

Proactive Steps:

• Move applications and devices to OAuth-based authentication for SMTP AUTH.
• If Basic Authentication is still needed, consider alternatives such as High-Volume Email for Microsoft 365, Azure Communication Services for Email, or an on-premises Exchange Server in a hybrid setup.

Ref: https://techcommunity.microsoft.com/blog/exchange/updated-exchange-online-smtp-auth-basic-authentication-deprecation-timeline/4489835

To unify the interface across Microsoft Defender products, Microsoft will retire the Microsoft Defender for Endpoint (MDE) Advanced Hunting API and Microsoft Defender XDR Advanced Hunting API.

Solution: Move to Microsoft Graph Security API for broader data coverage, improved consistency, and better scalability for automation and security workflows.

Ref: https://admin.cloud.microsoft/?#/MessageCenter/:/messages/MC1220762

Microsoft 365 Enterprise users will automatically switch to the new Outlook for Windows, gaining access to modern features like Copilot, theming, and time-saving options such as Pinning and Snoozing emails. A toggle will be available for users to revert to the classic Outlook. Admins can prevent this automatic migration via cloud policy.

The opt-out phase originally scheduled for April 2026 has been postponed to March 1, 2027, providing organizations with additional time to prepare.

Ref: https://admin.microsoft.com/#/MessageCenter/:/messages/MC949965

Microsoft will retire security questions as an authentication method for Self-Service Password Reset (SSPR) in Microsoft Entra ID starting March 2027, due to security vulnerabilities and low verification reliability.

After this retirement, users will no longer be able to verify their identity using security questions during password reset. Organizations that continue relying on this method may experience failed password reset attempts, user lockouts, and increased help desk support requests.

Solution: Ensure users are registered with supported authentication methods before March 2027 to avoid Self-Service Password Reset failures.

Ref: https://learn.microsoft.com/en-us/entra/identity/authentication/concept-authentication-security-questions

In October 2027, Microsoft will remove the option to create meetings without passcodes. This means all online meetings created through the Microsoft Graph API will automatically require a passcode, and the isPasscodeRequired property on the joinMeetingIdSettings resource will be removed. This change ensures that every meeting is consistently secured with a passcode, simplifying meeting creation, and improving security.

Ref: https://admin.cloud.microsoft/#/MessageCenter/:/messages/MC985483

To align with the updated passkey policy API schema that supports group-based passkey profiles, Microsoft will retire isAttestationEnforced and keyRestrictions from the fido2AuthenticationMethodConfiguration API. During the transition, these properties will sync with attestationEnforcement and keyRestrictions in the Default passkey profile.

Solution: Admins should update configurations, automations, and integrations to use the new schema.

Ref: https://admin.cloud.microsoft/?#/MessageCenter/:/messages/MC1188230

In conclusion, navigating the ever-evolving landscape of Microsoft 365 requires staying informed about the changes 🔍. By proactively adapting to these changes, you can optimize your Microsoft 365 experience, maximize productivity, and effectively plan for the future. 💪

Don’t miss out on the latest buzz in Microsoft 365! 🐝

We’re committed to keeping this blog fresh with the most current information. Stay tuned for the latest updates!

End of Support Resources for Microsoft 365: