1. New Graph in Microsoft Purview for AI Data Security: Department-Level Insights
Overview
Microsoft Purview is bringing to the table a new feature in its Data Security Posture Management for AI. There will be a graph showing details of user interaction with AI apps, divided into segments based on departments. This data will come from user profiles in Entra. So, there will be more granular visibility into departmental interaction with AI.
Impact
The update will help your organization better manage AI interactions, which are almost always sensitive, across different areas. The graph is called “Sensitive interactions by department.” It will be available by default in Purview.
Action Needed
No action required on your part.
The feature starts rolling out for public preview by late Feb 2025. Expect general availability in April 2025.
2. Microsoft Teams: New Brand Impersonation Protection for External Chats
Overview
Teams is now finallizing the roll out of a new capability to prevent attempts of brand impersonation in external chats. This new feature is about security enhancement to help your users identify whenever an external user tries to impersonate some famous company or name during their initial interaction in Teams chat. Your users will receive a High Lert warning if such a risk is detected by Teams so they proceed with caution. The feature will be on by default and no admin involvement is required to get it to work.
Impact
For any organization allowing external users to access their users in Teams, this enhancement is sure to elevate their security by automatically scanning for potential impersonation risks. The feature starts working right when your users first receive a message from an external domain. Users quickly see a high-risk warning when there is a risk during the Accept/Block flow in Teams. They will need to preview the message before they can either accept or block it. If they choose to accept, they will receive another prompt showing the risk again. These impersonation alerts will also be logged for admins.
Action Needed
No immediate action required. However, you can update any relevant documentation. Encourage users to always preview external messages.
3. Microsoft Graph API: New Default Passcode Requirement for Meeting Creation
Overview
Starting 24th of Feb 2025, Microsoft Graph API will automatically ask for a passcode when users try to create online meetings using the Create Meeting API. So, following this change, the new behaviour is going to be default as it enhances meeting security, making it a mandatory, default setting unless specified otherwise. That said, there will be no option to create meetings without passcodes after 2027.
Impact
This update alters how online meetings will be created from now. Before this, admins or users were able to let others join meetings without passcode. After this Feb, without specifying otherwise, the meetings will, by default, require passcodes to join. Basically, this is a part of an attempt by Microsoft to strengthen their platform’s security.
Action Needed
Review apps/integrations using the Graph API to create online meetings.
4. Introducing Org Explorer in Microsoft 365: Visualize Your Organization’s Structure
Overview
Microsoft 365 is introducing a new service, Org Explorer, to Outlook. This tool will allow users to see their company’s internal structure and allow them to discover its employees, teams, responsibilities. Initially, it’s available for Outlook for Windows, for Web, and for Mac.
Expect a full rollout by mid-April 2025. Previously, Org Explorer required a Viva premium license, but now, it has changed. Org Explorer is available to all M365 subscribers, regardless of their Viva plan.
Impact
Org Explorer helps you grasp your company’s internal structure in a more accessible way. You’ll get to know who works with whom, who has what role, and how different teams are connected. Org Explorer is going to be a valuable tool for better collaboration. However, access to this tool will depend on the version of Outlook you’re using.
Action Needed
No immediate action is required.
5. New Feature: Multiple Account Access to Copilot in Microsoft 365 Apps
Overview
Starting this March, Microsoft 365 is going to offer a new feature that will allow your users multiple account access to Copilot. This will include both desktop and mobile apps i.e. Excel, PowerPoint, Outlook, etc. For all the users who have multiple accounts to leverage Copilot, this development will allow users to use Copliot for any document they can access, no matter if it’s a work or school document.
Remember, Copilot’s data protection will remain tied to the identity of the account used.
Impact
This development will let your users enjoy some great flexibility if they want to work with multiple accounts. This way, they can seamlessly use Copilot on different docs without having to switch between accounts. However, despite that flexibility, enterprise data protection still stays intact as Microsoft keeps record of the access based on the identity used to access files.
But, if your admins have disabled Web Grounding in Copilot, your users won’t be able to use this feature from any account, even when using Copilot.
Action Needed
If your organization wants to limit this feature and wants to control Multiple Account Access, you can do it via cloud policy: Multiple account access to Copilot for work documents. This policy has been available since January 2025. But if you are okay with the development, no further action is required.
6. Deprecation of WSUS Driver Synchronization: What You Need to Know
Overview
Microsoft just announced the deprecation of WSUS (Windows Server Update Services) driver synchronization. This will come into effect this April. This means that, after this date, you won’t be able to import driver updates from the Microsoft Update catalog into WSUS. Drivers will still be accessible via the Microsoft Update Catalog, but they won’t be importable into WSUS for on-prem contexts.
Instead, you’ll need to shift to alternative solutions like Device Driver Packages or Intune or even Windows Autopatch.
Impact
If you are relying on WSUS for managing driver updates, your deployment and updating of drivers will now change. You need to switch to the alternative cloud-based services mentioned above. Failure to adapt will definitely disrupt your driver management workflows and may potentially expose your system to risks.
Action Needed
To prepare, check first by transitioning to one of the alternative solutions. Windows Autopatch will give you programmatic control over driver updates, so thta could be the best option. Review the full deprecation announcement for more details. Make sure your experts are ready for the switch.
7. Microsoft Entra Update: Passkey Support in Authenticator App for FIDO2 Organizations
Overview
Microsoft has started rolling out passkey (FIDO2) support in the Microsoft Authenticator app. This change is for organizations that have enabled passkey authentication with no key restrictions.
Now, users can add passkeys as their preferred authentication method. Microsoft Authenticator app offers this option via aka.ms/MySecurityInfo.
Passkeys, along with FIDO2 keys, will be available for passwordless sign-ins. Also, conditional access policies requiring passkey authentication will prompt users to register their passkeys if they haven’t done that already.
Impact
This update affects organizations with the passkey (FIDO2) authentication policy enabled and no key restrictions. For these organizations, passkeys will be automatically available in the Microsoft Authenticator app. If your organization doesn’t have this policy enabled or has key restrictions in place, the update will not impact you. The rollout begins in late January 2025, globally, including GCC, GCC High, DoD regions.
Action Needed
No admin action required!! If your organization prefers not to enable passkeys, you can still impose key restrictions in the FIDO2 policy.
8. New Outlook for Windows: Web Links Open Side-by-Side in Microsoft Edge
Overview
There is a new update in Outlook for Windows to enhance productivity. There will be automatic opening of web links from emails in Microsoft Edge. Already started from July 2024, web links are displayed side-by-side with the email. This makes it easy for them to reference the link and email content without switching back and forth. The feature came to both Azure Active Directory and Microsoft accounts as it rolled out gradually, finally ending in January 2025.
Impact
This change will impact how links open from Outlook in Windows. Links will open in Edge, even if it is not your default browser. But this change will not affect links set to open in client apps or in Outlook itself. Users will be notified of this change the first time they encounter it, and this behaviour can still be managed via policy settings.
Action Needed
Admins can manage this change via M365 Cloud Policy service or Administrative Templates.
Windows Management Experts
Now A Microsoft Solutions Partner for:
✓ Data & AI
✓ Digital and App Innovation
✓ Infrastructure
✓ Security
The Solutions Partner badge highlights WME’s excellence and commitment. Microsoft’s thorough evaluation ensures we’re skilled, deliver successful projects, and prioritize security over everything. This positions WME in a global tech community, ready to innovate on the cloud for your evolving business needs.
Unlock the Full Potential of Microsoft 365
Keep your business at the cutting edge with the latest Microsoft 365 enhancements. The future of work is evolving. Are you ready? Connect with our experts today to ensure your Microsoft 365 & Azure systems are secure and future-proof.
