Microsoft will enable new messaging safety protections in Teams starting January 2026
Microsoft will enable new messaging safety protections in Teams for tenants using the default configuration starting January 2026.
21. December 2025
Tagged: Security
Baseline Security Mode for Office, SharePoint, Exchange, Teams, and Entra in the Microsoft 365 Admin Center
Microsoft is introducing Baseline Security Mode in the Microsoft 365 admin center, providing a central dashboard with 18 recommended security settings for Office products, SharePoint, Exchange, Teams, and Entra.
14. December 2025
Zero-hour auto-purge (ZAP) in Teams for organizations with Defender for Office 365 Plan 1
Microsoft will enable ZAP in Teams for organizations with Defender for Office 365 Plan 1 starting in January 2026, with an opt-out option available for security admins.
30. November 2025
Legacy authentication in SharePoint Online will retire starting February 2026
Legacy IDCRL authentication in SharePoint Online will be retired starting February 2026. Admins should review Purview Audit Logs and update any applications still using legacy protocols.
30. November 2025
SharePoint Online Content Security Policy will be enforced starting March 2026
Microsoft will enforce Content Security Policy (CSP) for SharePoint tenants starting in March 2026. Report-only mode runs from April 2025 to February 2026. Admins should review CSP violations now to avoid broken custom scripts and components once enforcement begins.
25. November 2025
Entra ID now supports multi-device Passkeys for password managers like 1Password
Entra ID now supports multi-device passkeys, allowing users to store their passkey in password managers like 1Password for seamless, passwordless sign-in.
23. November 2025
Remove users from Teams Chats using Microsoft Defender
Admins can now remove users from Teams group chats and 1:1 conversations directly from Microsoft Defender, helping speed up incident response and containment.
16. November 2025
New security features for Teams chats and conversations are now in Public Preview
Microsoft is rolling out three new security features to Teams chats and channel conversations: Weaponizable File Protection, Malicious URL Protection, and the ability to report messages as not a security concern.
20. September 2025
Why SharePoint admins should not ignore Content Security Policy violations
Microsoft is introducing Content Security Policy (CSP) in SharePoint. While it’s currently in Report-only mode, enforcement will block untrusted scripts. SharePoint administrators should review violation reports now and prepare trusted sources before enabling CSP.
13. September 2025
Blocking legacy protocols with new Trust Center settings in Microsoft 365 Apps for Windows
Microsoft has introduced new Trust Center controls in Microsoft 365 Apps for Windows to reduce risks from legacy protocols. By default, FPRPC is now blocked, while FTP and HTTP remain allowed unless users or admins choose to disable them.
19. August 2025
Report security risks with external users in Teams chats
Microsoft Teams has added a new capability, allowing internal users to report security risks when interacting with external users in 1:1, group, and meeting chats.
12. May 2025
Use Connect-SPOService without Basic Authentication
In the standard version, Connect-SPOService continues to use Basic Authentication for the connection to SharePoint Online. SharePoint administrators can customize it very easily.
13. September 2024
License changes for Microsoft Cloud products – April 2024
In April, Microsoft introduced two new licenses and rolled back a change made in February.
2. April 2024
Passkey with Windows 11, 1Password, and iOS 17
More operating systems and apps support Passkey. I tested Passkey with Windows 11, 1Password and iOS 17 in GitHub.
27. September 2023
Passkey with Microsoft account (and 1Password)
1Password now supports Passkey with their browser extension. I tried Passkey with a Microsoft account.
7. June 2023