What’s New in the Hybrid Data Center & Microsoft | July 2026

Hybrid Data Center Team

eGroup

AI operations, agent governance, cyber recovery, and data protection continue to reshape both hybrid infrastructure and Microsoft Cloud strategy. This month’s updates point to a clear priority for IT leaders: reduce operational friction while improving control over AI agents, sensitive data, identity, recovery, and aging infrastructure before support windows close.


What’s the Buzz at eGroup This Month?

Copilot Cowork and mTLS Certificate Changes

Two Microsoft updates are getting a lot of attention right now.

Copilot Cowork is now generally available, bringing new capabilities and licensing changes that many organizations are still sorting through.

At the same time, Microsoft’s mTLS certificate changes for Teams Direct Routing have moved from a future consideration to an immediate priority after recent testing has shown an impact to some Teams Phone environments.

If you’re evaluating what Copilot Cowork would mean for your users or confirming your Teams Phone environment is ready for the next rollout, our team has resources and guidance to help you move forward with confidence.


What’s New in the Hybrid Data Center?

Cisco/Meraki

Cisco Live Highlights Point to Agentic Network Operations
Cisco/Meraki’s focus is shifting toward unified control, AI-assisted operations, runtime protection, and platform modernization. Cisco Live 2026 highlighted a future where AI becomes an active participant in operating and defending enterprise networks.

View full Cisco/Meraki update
  • Cisco Cloud Control unifies enterprise management
    Cisco Cloud Control brings networking, security, data center, observability, and collaboration tools into a single management interface. For organizations managing Meraki, Catalyst Center, Nexus, Intersight, and Splunk separately, this could reduce tool sprawl, simplify administration, and improve visibility across distributed environments.
  • Agentic Actions enters beta through Meraki
    Agentic Actions for networking enters beta in June 2026 through the Meraki platform and is designed to detect issues, determine root cause, propose a fix, test it, and apply it with human oversight. This matters because network operations teams are under pressure to shorten incident response times without giving up approval controls for production changes.
  • Digital Twin reduces production change risk
    Cisco’s new Digital Twin capability creates an emulated replica of a production network using actual software images. Proposed changes can be tested against the twin before live deployment, reducing risk during maintenance windows and helping teams validate configuration changes before they affect users or workloads.
  • Multicloud Fabric simplifies branch, data center, and cloud connectivity
    Cisco Multicloud Fabric is a cloud-delivered service that connects branch offices, data centers, and workloads across AWS, Azure, Google Cloud, and other providers through a managed overlay. Because no additional customer-side hardware is required, it may simplify multicloud connectivity planning for distributed enterprises.
  • Live Protect expands runtime vulnerability protection
    Cisco Live Protect shields Cisco products from newly discovered vulnerabilities at runtime without reboots, upgrades, or downtime. Its expansion to campus and branch Smart Switches is important because AI-enabled attacks have compressed the time between disclosure and exploitation, making maintenance-window-based protection strategies less effective.
  • Agentic IAM addresses non-human identity risk
    Cisco introduced Agentic IAM to provide temporary, task-scoped access for AI agents through Cisco Secure Access. This builds on Cisco’s acquisition of Astrix Security and is relevant for organizations trying to govern API keys, service accounts, AI agents, and other non-human identities with least privilege.
  • New switching, routing, wireless, and industrial platforms expand infrastructure options
    Cisco released new platforms including the Catalyst 9550 core switch, 8100, 8200, 8300, and 8600 Secure Router series, outdoor Wi-Fi 7 access points, and the IR1000 industrial router. Data center systems built on the Silicon One G300 chip are targeted for general availability in the second half of 2026 and are designed to deliver 102.4 Tbps of switching capacity for AI workloads.
  • Wi-Fi 6 indoor access points reach end of sale
    Cisco announced the end of sale for Wi-Fi 6 indoor access point families, with a last-order date of December 31, 2026. The indoor MR28 and outdoor MR76, MR78, MR86, and C9124AX models are not included, but organizations planning wireless refreshes should evaluate Wi-Fi 7 to avoid near-term lifecycle risk.
  • Meraki SM mobile device management exits the market
    Cisco has exited the mobile device management market, with the last day to purchase Meraki SM licenses on June 3, 2026, and support continuing through June 3, 2029. Cisco has partnered with Ivanti for Ivanti Neurons for MDM as a migration path, while Microsoft Intune remains a viable option for Microsoft-centric environments.
  • Meraki MT sensors and MX84 appliances require lifecycle planning
    End of sale has been announced for the Meraki MT environmental sensor line, with the last order date set for November 10, 2026. The Meraki MX84 security appliance reaches end of support in October 2026, so organizations should plan replacements to maintain security patches and support coverage.

What to Consider: Organizations should evaluate Cisco’s new management and AI capabilities against current operational models, especially where teams rely on separate dashboards, manual change testing, or aging wireless and security appliances.


Rubrik

Recovery Strategy Moves from Data Backup to Business Recovery
Rubrik’s focus is expanding from backup and recovery into orchestrated cyber resilience, clean recovery, and flexible protection licensing. The updates emphasize application dependency mapping, last-known-clean recovery, and consumption-aligned coverage across data, identity, and AI security.

View full Rubrik update
  • Autonomous Business Recovery orchestrates clean application recovery
    Rubrik’s Autonomous Business Recovery shifts the recovery model from simply backing up data to orchestrating clean recovery of the entire application stack. It maps dependencies automatically, protects new resources as they appear, and identifies the last clean recovery point in seconds, which matters for ransomware recovery, business continuity, and application-level resilience. Read the referenced Rubrik blog for the full details.
  • Rubrik Flex introduces commit-and-draw-down licensing
    Rubrik Flex uses a commit-and-draw-down licensing model where customers pre-negotiate rates, make a single multi-year commitment, and draw down protection across data, identity, and AI security. This gives organizations more flexibility to align protection spend with changing workloads while reducing the need to license every new protection scenario separately.

Quick Take: Rubrik customers should review whether current recovery plans account for full application stack dependencies, clean recovery points, and flexible protection needs across emerging AI and identity workloads.


Cohesity

Headless Cyber Resilience and Clean Room Recovery Advance
Cohesity’s focus is on bringing recovery workflows into the tools responders already use and improving recovery readiness during cyber events. The updates highlight GenAI-assisted operations, isolated recovery, and secure rebuild artifacts.

View full Cohesity update
  • Cohesity Maestro introduces a headless architecture for cyber resilience
    Cohesity Maestro lets responders trigger restores, hunt threats, and pull telemetry through GenAI tools without switching into the Cohesity console. This matters because incident response teams often operate across multiple systems during an attack, and meeting them in their existing tools can reduce friction and speed recovery workflows. Read the Cohesity blog for the full details.
  • Cohesity FortKnox supports Digital Jump Bag recovery to Clean Rooms
    Cohesity FortKnox now supports secure recovery of a Digital Jump Bag and data snapshots to an isolated Clean Room Recovery environment. A Digital Jump Bag can include OS images, software packages, configuration files, and documentation needed to rebuild an environment during a cyberattack, and it can be stored on a Cohesity SmartFiles View with data lock and object lock enabled before replication to the FortKnox vault.

Nutanix

AI Control Planes, Sovereignty, and Security Advisories
Nutanix’s focus is on enterprise AI governance, sovereignty, and hardening core infrastructure against Linux kernel vulnerabilities. The updates highlight AI agent traffic control, data control requirements, and patching across AOS, AHV, Prism Central, NKP, Files, NDB, and related products.

View full Nutanix update
  • Nutanix Agent Gateway adds a control plane for AI traffic
    Nutanix Agent Gateway, introduced in Nutanix Enterprise AI 2.7, provides a unified control plane for traffic between AI agents, LLMs, and internal data. It gives applications a single endpoint for routing between public models such as OpenAI and Anthropic and private self-hosted models without code changes, while adding centralized token visibility, per-team rate limiting, RBAC, and audit logging for Model Context Protocol tool calls.
  • Nutanix challenges assumptions about data sovereignty
    Nutanix’s must-read article, “The Myth of the Sovereign Datacenter,” argues that local hosting alone is not enough to prove control over data. This matters for regulated organizations because geography does not replace evidence of governance, access control, auditability, and operational authority. Read the Nutanix blog for the full details.
  • Nutanix publishes Linux kernel privilege escalation advisories
    Nutanix published advisories SA-0047 “Copyfail” with CVSS 7.8, SA-0048 “Dirty Frag” and “Fragnesia” with CVSS 7.8, and SA-0050 “DirtyClone” with CVSS 8.8. All require local access to exploit, but affected organizations should limit SSH access to high-privilege users, follow container isolation best practices, and upgrade affected products to the fixed release or later.
  • DirtyClone requires close monitoring because exposure is still being investigated
    SA-0050 “DirtyClone” is the newest and most severe advisory and bypasses earlier DirtyFrag fixes. Since exposure is still being investigated, administrators should monitor the Nutanix Support Portal for updates and validate patch coverage across AHV, NKP, Files, Network Gateway, AOS, Prism Central, NDB, and related products.

 


Everpure (Pure Storage)

Azure VM Automation and VMware Metro Resiliency Improve Storage Operations
Everpure’s focus is on reducing storage configuration drift and modernizing enterprise storage protocols without compromising availability. The updates target Azure VM storage automation and zero-RPO resiliency for VMware Cloud Foundation environments.

View full Everpure update
  • Everpure Cloud VM Extension for Azure VMs reaches general availability
    The Everpure Cloud VM Extension automates iSCSI configuration, MPIO enablement and tuning, target connectivity, and Everpure-recommended best practices in a single Azure VM deployment. This replaces runbooks and custom scripts, reducing configuration drift and improving consistency for teams attaching iSCSI storage to virtual machines.
  • FlashArray ActiveCluster over NVMe-oF supports VMware Cloud Foundation 9.1
    Everpure’s engineering update explains that FlashArray ActiveCluster over NVMe-oF now works with VMware Cloud Foundation 9.1 to deliver zero-RPO metro resiliency for mission-critical workloads. This gives VMware shops a path to lower-overhead, flash-optimized storage protocols without giving up stretched-cluster availability. Read the Everpure engineering post for the full details.

Nerdio

Desktop Virtualization Planning for 2026 Gets More Practical
Nerdio’s focus is helping organizations evaluate desktop virtualization options as licensing, operating system lifecycle, and cost pressures converge. The guidance compares VDI, DaaS, RDS, Azure Virtual Desktop, Windows 365, and broader Windows Cloud strategies.

View full Nerdio update
  • Nerdio’s 2026 desktop virtualization guide supports multi-model planning
    Nerdio’s “Desktop virtualization in 2026” guide addresses the practical decision points around VDI, DaaS, RDS, Azure Virtual Desktop, and Windows 365. The key takeaway is that many organizations will operate more than one model, especially where user profiles, application requirements, cost controls, and migration timelines differ across the business.

What to Consider: Organizations facing Citrix renewals (30%+), Windows 10 end of life, or upcoming budget decisions should model more than one desktop delivery approach instead of assuming a single platform will fit every use case.


VMware

VCF 9.1 Updates the Patching Model for Faster Threat Response
VMware’s focus is modernizing patch management for a threat landscape where exploitation can follow disclosure in hours. VMware Cloud Foundation 9.1 emphasizes layered, orchestrated patching across the full stack.

View full VMware update
  • VCF 9.1 introduces layered, orchestrated patching
    VMware Cloud Foundation 9.1 applies fixes quickly with minimal to zero workload disruption across all three tiers of the stack. This matters because vulnerability response now requires faster remediation models that preserve uptime while reducing the risk of unpatched exposure.

Why It Matters: Quarterly maintenance windows and long remediation timelines create unacceptable exposure when attackers move quickly from public disclosure to active exploitation.


What’s New in Microsoft Cloud?

Azure

Azure: Modernization, Recoverability, and Governed Data Access Expand

Azure’s focus this month is modernization readiness, high-churn workload recovery, identity-based database access, and governed data access for AI and analytics. The updates support application assessment, production data controls, and better integration between Azure Databricks and Microsoft 365 workstreams.

  • Azure Migrate adds GitHub Copilot Modernization integration in public preview
    Microsoft expanded Azure Migrate with a public preview integration for GitHub Copilot Modernization to assess application code at scale and estimate modernization effort. This helps organizations decide which applications should move as-is, be refactored, or be replatformed.
  • Azure Site Recovery increases supported data churn to 500 MB/s per VM
    Azure Site Recovery now supports a data churn rate of up to 500 MB/s per VM, improving recoverability for high-transaction workloads such as databases and analytics systems. This matters for business continuity because it can reduce data loss exposure for workloads with heavy write activity.
  • SQL MCP Server reaches general availability for AI agent data access
    SQL MCP Server is now generally available and gives AI agents a more controlled way to interact with production data. This reduces reliance on one-off database connections and supports more governed patterns for agent access to SQL workloads.
  • Azure SQL Database adds Microsoft Entra server principals
    Azure SQL Database now has generally available Microsoft Entra server principals. This helps organizations move database access under centralized identity governance instead of relying on separate SQL logins.
  • Azure Databricks expands Genie integrations and cost controls
    Azure Databricks added Genie updates for Microsoft Teams, Microsoft 365 Copilot, Excel, SharePoint, Power BI, and OneLake to help users ask questions of governed business data across everyday tools. Genie Spaces also added pay-as-you-go pricing with admin budget controls, while related Azure storage and compute updates provide more tuning options for performance, cost, and AI infrastructure growth.

Agent 365

Agent 365: Local Agent Discovery, Identity, and Containment Mature

Agent 365’s focus is on bringing AI agents under enterprise governance through discovery, registry, identity, lifecycle controls, and endpoint containment. The updates connect Defender, Entra, Intune, and SDK-based integrations into a broader operating model for agents.

  • Agent Registry discovers unmanaged local agents
    Microsoft expanded Agent 365 with an Agent Registry that surfaces unmanaged local agents discovered by Microsoft Defender, Entra, and Intune. It supports more than twenty types of local agents, including coding agents and Model Context Protocol servers, while Intune policies can block common execution methods.
  • Runtime DLP for agent prompts enters preview
    Agent 365 adds runtime data loss prevention for agent prompts in Foundry in preview. This matters because agent prompts can include sensitive business context, regulated data, credentials, or confidential operational details that need policy inspection before they leave approved boundaries.
  • Agent 365 SDK reaches general availability
    The Agent 365 SDK lets developers bring agents built on external platforms or open-source frameworks into Agent 365 with a unified registry, Entra-based agent identity, Defender threat detection, and rules-based lifecycle governance. SaaS providers including Genspark, Zendesk, Egnyte, Kore.ai, and n8n have already integrated the SDK.
  • Microsoft Execution Containers SDK enters early preview
    Microsoft introduced an early preview of the Microsoft Execution Containers SDK so Agent 365 can apply policy-based containment to local agents on Windows through Microsoft Entra and Intune. This is important for limiting the blast radius of agent execution and enforcing endpoint policy where agents run locally.

Copilot

Microsoft 365 Copilot: Agentic Workflows, New Surfaces, and Governance Controls Expand

Microsoft 365 Copilot’s focus is expanding from assistive chat into autonomous work, persistent workspaces, governed grounding, analytics, and workflow execution. The updates affect Teams, Outlook, OneDrive, SharePoint, Word, Excel, PowerPoint, Planner, Forms, Search, and admin controls.

Models and Platform

  • Scout enters private preview as an autopilot agent
    Microsoft introduced Scout in private preview as an always-on autopilot agent that works autonomously under its own Entra identity across Teams, Outlook, OneDrive, and SharePoint. Grounded by Work IQ, it can coordinate meetings, prepare materials, block focus time, and flag risks without being prompted each time.
  • Copilot Cowork reaches general availability
    Copilot Cowork is an agentic system for complex, long-running, multi-tool cloud tasks and is now generally available. It requires a Microsoft 365 Copilot license, is off by default, bills on usage through Copilot Credits with admin spending limits, and offers model choice across Claude Opus 4.8, Sonnet 4.6, and GPT-5.5.
  • Claude Fable 5 is available for Copilot Cowork Frontier users
    Anthropic Claude Fable 5 is available as an opt-in model for Copilot Cowork Frontier users. Admins have controls for enabling the model, and organizations should review the separate data retention terms before allowing sensitive workloads to use it.

User Experience and Surfaces

  • Copilot Notebooks begin rolling out to commercial and education users
    Copilot Notebooks are persistent workspaces available in the Microsoft 365 Copilot app and OneNote that organize chats, files, emails, and notebook content across Microsoft 365. They can suggest relevant Word, Excel, and PowerPoint artifacts, create Excel spreadsheets from notebook content, and support mixed-license collaboration while full Copilot users retain premium sources and advanced creation capabilities.
  • Copilot Pages adds suggested edits
    Copilot Pages is adding suggested edits so users can improve clarity and quality directly within pages. This helps users refine content without leaving the collaborative Copilot workspace.
  • Copilot in Word improves complex document editing
    Microsoft 365 Copilot in Word now supports more complex edits involving tracked changes, comments, document structure, and formatting preservation. This is especially useful for teams working on formal documents where review history, formatting integrity, and collaboration context matter.
  • The Legal agent in Word enters Frontier preview
    The Legal agent in Word is available in Frontier preview to help legal professionals review contracts, identify risks, compare clauses, and generate edits with tracked changes. Organizations should evaluate this against legal review workflows, privilege considerations, and document sensitivity requirements.
  • Forms adds Copilot Chat and a Forms Agent
    Forms is integrating Copilot Chat and a Forms Agent to support AI-assisted form creation, distribution, and response analysis. This can help teams move faster from survey design to insights while keeping form workflows inside Microsoft 365.
  • Microsoft 365 Copilot adds summarized answers above search results
    Microsoft 365 Copilot can surface concise, summarized answers above search results. This improves information discovery but also increases the importance of accurate permissions, content quality, and data lifecycle governance.
  • The Microsoft 365 Copilot app will automatically install on Windows devices
    The Microsoft 365 Copilot app will automatically install on Windows devices with Microsoft 365 Apps unless admins opt out. Admins should review deployment policies and user communications before the app appears broadly across managed devices.
  • Admins can add a branded footer to the Microsoft 365 Copilot app
    Admins can add a branded footer to reinforce that users are working in a trusted organizational Copilot environment. This can help reduce confusion between approved enterprise AI experiences and unmanaged tools.
  • Copilot in PowerPoint adds access to approved brand assets
    Copilot in PowerPoint is adding native access to approved brand assets, including managed colors, logos, icons, and images. This helps users create on-brand presentations while giving organizations more control over visual consistency.

Automation and Task Execution

  • Copilot Calendar expands agentic scheduling
    Copilot Calendar capabilities are expanding with agentic scheduling experiences in Outlook and Teams, including automated support for rescheduling certain meetings and personal events. This can reduce administrative overhead but should be reviewed against calendar privacy, delegation, and user control expectations.
  • Planner Agent chat is coming directly into Planner
    Planner Agent chat is coming directly into Planner for Frontier users. It helps users manage tasks and ask plan-related questions without leaving Planner, improving task execution inside existing project workflows.

Data Access and Grounding

  • Power BI integration grounds Copilot responses in governed analytics
    Power BI integration with Microsoft 365 Copilot allows Copilot to answer questions using reports and semantic models while respecting existing permissions. This helps users work with governed business data without bypassing established Power BI access controls.
  • Excel Agent adds enterprise search across Microsoft 365 context
    Excel Agent now supports enterprise search across files, emails, meetings, chats, people, and transcripts to produce more context-aware answers. A new file selector also makes it easier for users to browse and choose files while keeping existing permissions intact.
  • Outlook emails can be added as Copilot Notebook references
    Outlook emails can be added as references in Copilot Notebooks. This allows notebook outputs to include relevant email context alongside files and notes, which improves grounding but also makes mailbox permissions and sensitive message handling more important.
  • Domain Exclusion for web grounding gives admins more control
    Domain Exclusion for web grounding lets admins block selected domains from Copilot web grounding when organizational policy requires it. This is useful for organizations that need to exclude unapproved, risky, or restricted web sources from AI-generated responses.

Governance and Administration

  • Admins can publish organization-specific prompts to Copilot Chat
    Admins can publish curated prompts to Copilot Chat that align with organizational priorities, common workflows, or approved use cases. This can help guide adoption toward repeatable, policy-aligned outcomes.
  • Copilot release preferences now support Entra ID groups
    Microsoft 365 Copilot release preferences now support Entra ID groups, giving admins more targeted control over Standard and Deferred release audiences. This improves pilot planning and helps organizations stage Copilot changes by department, role, or readiness group.
  • People Skills adds permanent deletion for skills data
    People Skills adds an admin control to permanently delete skills data from a Microsoft 365 tenant. This supports compliance, offboarding, and data minimization requirements where employee skills data must be removed.

Analytics and Optimization

  • Copilot Analytics expands usage metrics across more apps
    Copilot Analytics is expanding usage metrics across the Copilot app, Edge, OneNote, Outlook, Word, Excel, and PowerPoint. This gives leaders a more complete view of Copilot adoption and helps identify where enablement, governance, or licensing adjustments may be needed.
  • Copilot Analytics adds onboarding communication for group managers
    Copilot Analytics now includes onboarding communication for group managers who are granted access. This helps clarify permissions, expectations, and appropriate use of Copilot adoption data.
  • Copilot connector usage reporting improves visibility
    Copilot connector usage reporting gives admins visibility into activity across Copilot Chat, Search, and agents. This matters because connectors expand Copilot’s data reach, making usage visibility important for governance and risk management.
  • Enhanced Power BI filtering improves Copilot insight analysis
    Enhanced Power BI filtering for Copilot insights enables business-aligned analysis using additional reserved and custom attributes. This helps organizations evaluate Copilot adoption by business unit, role, geography, or other internal reporting dimensions.

Personalization

  • Copilot Studio can recommend agent ideas from prior Copilot activity. Copilot Studio can use prior Microsoft 365 Copilot activity and memory to recommend agent ideas that fit a user’s common tasks and workflows. This can improve maker productivity, but organizations should review personalization, memory, and data-use expectations before scaling.

What to Consider: Admins should review licensing, release preferences, model controls, Copilot app deployment, web grounding exclusions, data retention terms, and analytics visibility before agentic features scale across the tenant.

Copilot Studio

Copilot Studio: Agentic Orchestration and Outcome Measurement Advance

Copilot Studio’s focus is shifting from scripted topic design to agentic orchestration, measurable business outcomes, and integration with MCP-based tools. The updates affect makers, developers, agent workflows, Work IQ APIs, and model tuning scenarios.

  • Custom metrics help measure agent outcomes
    Copilot Studio custom metrics allow makers to measure business outcomes, return, and success indicators for agents. This matters because agent programs need more than usage counts; they need evidence of operational impact, cost benefit, and process improvement.
  • A rebuilt Copilot Studio enters public preview worldwide
    Microsoft made a ground-up rebuild of Copilot Studio available in public preview, replacing hand-wired topics with an agentic orchestrator that selects its own tools and agents. The maker experience moves from nine configuration tabs to four: Build, Preview, Evaluate, and Monitor, with a single visual canvas where workflow steps and agent nodes can be tested node by node.
  • Work IQ APIs introduce an agent-first Microsoft 365 interface
    New Work IQ APIs provide an agent-first interface to Microsoft 365 data and apps using about ten generic Model Context Protocol tools. The APIs use consumption-based Copilot Credits billing and new cost controls in the Microsoft 365 admin center, so admins should review expected usage and budget governance.
  • MCP-compliant tools are supported in agent workflows
    Copilot Studio now supports MCP-compliant tools in agent workflows so agents can discover tools, pass structured inputs, and consume structured outputs. This improves extensibility but also increases the need to govern which tools agents can call and what data they can access.
  • Frontier Tuning enters private preview
    Microsoft introduced Frontier Tuning, a reinforcement learning approach that tunes AI models on an organization’s own data, processes, and conventions inside its compliance boundary. It launched in private preview, with availability coming to Copilot Studio and Microsoft Foundry, and should be evaluated carefully for sensitive data scope, approval processes, and model governance.

Defender for Office 365

Defender for Office 365: Email Handling and User Notification Improvement

Defender for Office 365’s focus is improving mail hygiene, user experience, and localized notification behavior. The updates affect promotional email handling and end-user reporting templates.

  • Promotional email handling gets smarter
    Defender for Office 365 is improving promotional email handling with automatic tagging, optional movement to a Promotions folder, and learning from user actions. This helps reduce inbox noise while allowing organizations to tune how bulk and promotional mail is handled.
  • Mark and notify templates support Outlook language settings
    Defender for Office 365 will localize the default Mark and Notify email template based on each user’s Outlook language settings. This matters for multinational organizations because localized reporting workflows can improve user understanding and reduce support friction.

Defender for Cloud

Defender for Cloud: Container, Multicloud, and Pricing Plan Changes Require Review

Defender for Cloud’s focus is strengthening posture management across containers, Kubernetes, serverless containers, AWS, and GCP. The updates also require administrators to review deprecated pricing plan automation.

  • Container security updates reached general availability on July 1
    Defender for Cloud made several container security updates generally available on July 1, including new container security capabilities, Kubernetes misconfiguration enforcement in Defender for Containers, and discovery and posture for serverless container workloads. Customers running AKS, serverless containers, or multicloud container platforms should review posture, policy, and Secure Score impacts.
  • Deprecated pricing plans can no longer be newly onboarded through the plan enablement API
    Microsoft now blocks new onboarding through the plan enablement API for five deprecated Defender for Cloud pricing plans. Existing subscriptions are not immediately changed, but automation that enables deprecated plans should be updated to supported plans to prevent future failures.
  • More than 200 multicloud recommendations are now generally available
    Defender for Cloud recommendations now include more than 200 new generally available multicloud security recommendations across AWS and GCP resource types. These recommendations affect Secure Score and broaden posture management for organizations operating beyond Azure.

Defender XDR

Defender XDR: Investigation, Least Privilege, and Agent Protection Expand

Defender XDR’s focus is on automated investigation, least privilege for AI-assisted triage, endpoint exposure management, and protection for Microsoft Agent 365. The updates affect email investigations, Linux endpoint connectivity, Entra service principals, and agent security.

  • Automated investigation moves into always-on antivirus
    Microsoft Defender is integrating automated investigation and response directly into always-on antivirus. This removes manual AIR triggering and the standalone AIR experience, which can streamline investigations but may require teams to update operating procedures.
  • Triage agents adopt more limited email permissions
    The Phishing Triage Agent and Security Alert Triage Agent now use a more limited permission that only allows read access to emails associated with alerts instead of all email and collaboration content. This is a meaningful least privilege improvement for organizations using AI-assisted security automation and reduces unnecessary data exposure.
  • Secure Score adds internet exposure recommendations
    Microsoft Secure Score is adding a recommendation to reduce unnecessary inbound internet exposure by identifying internet-facing devices that may require remediation. This helps security teams prioritize attack surface reduction where exposed endpoints increase risk.
  • Threat intelligence enrichment enters preview on entity pages
    Defender XDR added preview threat intelligence enrichment for IP addresses, domains, URLs, and files. Analysts can view reputation, attributed threat reports, infrastructure relationships, and sandbox analysis directly in the investigation workflow.
  • Defender for Endpoint on Linux updates service URL requirements
    Microsoft Defender for Endpoint on Linux has updated service URL allowlist requirements. Organizations should validate network controls so Linux devices continue receiving configuration updates, feature rollouts, and critical mitigations.
  • Defender for Cloud Apps expands app governance to service principals
    Defender for Cloud Apps is expanding app governance to include all Microsoft Entra service principals. This increases visibility into app privilege and risk, especially for non-human identities and automation-heavy environments.
  • Security for Microsoft Agent 365 with Defender is generally available
    Security for Microsoft Agent 365 with Defender is now generally available for customers with a Microsoft Agent 365 license. Defender provides discovery, security posture, threat detection and investigation, and real-time protection for AI agents in the tenant, including Copilot Studio real-time protection when onboarded.

Edge for Business

Edge for Business: Data Protection, Release Cadence, and Copilot Controls Shift

Edge for Business’s focus is enforcing sensitivity controls in the browser, accelerating release validation, and expanding Copilot Chat grounding. The updates affect macOS support, release cadence, sidebar policies, and protected Microsoft 365 content.

  • Sensitivity-labeled PDFs gain screen capture restrictions
    Microsoft Edge will enforce screen capture restrictions for sensitivity-labeled PDFs viewed from OneDrive and SharePoint. This aligns web behavior with desktop protection controls and strengthens protections for labeled files accessed through the browser.
  • Edge Stable version 150 ends support for macOS 12 Monterey
    Microsoft Edge Stable version 150 was released on July 2 and is the last release supporting macOS 12 Monterey. Organizations with managed or unmanaged Mac fleets should plan upgrades to macOS 13 Ventura or later before Edge 151.
  • Edge Stable moves to a two-week release cycle
    Microsoft Edge Stable is moving to a two-week release cycle starting with Edge 152, while Extended Stable remains on its existing eight-week cadence. Admins should review change management and validation processes for environments that remain on the faster Stable channel.
  • Enterprise Preview supports prerelease validation in the Stable app
    Microsoft Edge Enterprise Preview allows admins to validate prerelease Edge builds within the Stable app before broad deployment. This can improve readiness testing without requiring a separate browser experience for pilot users.
  • The sidebar app list is retiring
    Microsoft is retiring the sidebar app list, and new apps can no longer be added to the sidebar. Pinned apps will be removed in a future update, and sidebar app policies will no longer be supported, so admins using sidebar app pinning should review impacted policies.
  • Copilot Chat adds browser and Microsoft 365 grounding
    Edge for Business is adding Copilot Chat support for summarization and contextual grounding across tabs, videos, and Microsoft 365 documents. This uses admin and data protection controls, making policy review important before broad deployment.

Entra ID

Entra ID: Passwordless, Stronger Authentication, and AI Roles Advance

Entra ID’s focus is on stronger authentication, explicit registration, identity governance for AI roles, and reduced risk from compromised mobile devices. The updates affect passkeys, system-preferred authentication, self-service password reset, Microsoft Authenticator, and RBAC for AI administration.

  • Entra passkeys on Windows reach general availability
    Entra passkeys on Windows are generally available and enable passwordless sign-in without explicit user opt-in unless admins block the experience. This can accelerate passwordless adoption while preserving administrative control over rollout.
  • System-preferred authentication applies to first-factor sign-in
    Entra will apply system-preferred authentication to first-factor sign-in for tenants in the Microsoft-managed state. The system selects the most secure registered method available, improving baseline sign-in security.
  • Self-service password reset requires explicit authentication registration
    Self-service password reset will require users to have explicitly registered authentication methods. This reduces reliance on directory-sourced contact information for verification and strengthens recovery assurance.
  • Microsoft Authenticator blocks rooted and jailbroken devices after warnings
    Microsoft Authenticator is strengthening security by blocking Entra credentials on jailbroken or rooted mobile devices after a staged warning period. This helps reduce credential risk from compromised mobile operating systems.
  • Entra RBAC documentation adds AI and agent roles
    Microsoft updated Entra RBAC documentation in June for AI Administrator, AI Reader, Agent ID Administrator, and Agent ID Developer roles. Organizations adopting agents, AI administration, or delegated identity operations should review role definitions to enforce least privilege.

Exchange Online

Exchange Online: Legacy Protocol and Licensing Enforcement Deadlines Approach

Exchange Online’s focus is on reducing legacy protocol risk and enforcing mailbox license rights for EWS access. The updates affect POP3, IMAP4, TLS versions, and frontline or kiosk mailbox scenarios.

  • POP3 and IMAP4 using TLS 1.0 or 1.1 will be blocked
    Exchange Online will block POP3 and IMAP4 connections using TLS 1.0 or 1.1 starting July 2026. Legacy clients and embedded devices must move to TLS 1.2 or higher to maintain connectivity.
  • EWS access will be blocked for certain frontline and kiosk licenses
    EWS access will be blocked for Exchange Online Kiosk, Microsoft 365 F1, Office 365 F1, and F3 mailboxes starting October 1, 2026, unless users have licenses that include EWS rights. Admins should review apps, integrations, and mailbox assignments that depend on EWS.

Fabric

Fabric: OneLake, Power BI, Agents, and Governance Capabilities Expand

Fabric’s focus is improving analytics productivity, AI-assisted report creation, governed app experiences, and sensitivity-based access control. The updates affect OneLake, Power BI, Fabric data agents, Data Warehouse, Data Factory, Rayfin, HorizonDB, DAX, and Purview protection policies.

  • Fabric support and workspace navigation improve
    Fabric users can create support tickets directly from the Fabric Help pane with contextual metadata captured to improve troubleshooting. Tabbed multitasking and object explorer updates are generally available, improving navigation across workspace items.
  • June Fabric updates add OneLake lifecycle and real-time capabilities
    The June Fabric update brought OneLake storage tiers and lifecycle management into preview, made Fabric data agents in Microsoft 365 Copilot generally available, and moved Real-Time Dashboards Live Refresh to general availability. It also added new Data Warehouse and Data Factory capabilities that may affect analytics engineering and operations planning.
  • Rayfin and Azure HorizonDB support AI application backends
    Microsoft introduced Rayfin, an open-source SDK and command-line tool that turns Microsoft Fabric into a production-ready application backend. Microsoft also announced Azure HorizonDB, a PostgreSQL database for AI-powered applications now in public preview.
  • Copilot in web modeling begins rolling out for Power BI
    Copilot in web modeling in the Power BI service is an AI assistant that analyzes semantic models and applies schema changes such as renaming tables and columns, creating relationships, and generating DAX measures from natural language. Admins and BI owners should review model governance because these changes affect shared semantic layers.
  • Power BI report authoring plugin supports AI agent workflows
    Microsoft released a Power BI report authoring plugin in Skills for Fabric that lets AI agents author reports from natural language, reload Power BI Desktop, capture screenshots, and iteratively refine reports. The plugin is optimized for the GitHub Copilot command line and should be evaluated for governance around automated report creation.
  • DAX user-defined functions reach general availability
    DAX user-defined functions are generally available and let authors write a calculation once with typed parameters and documentation comments for reuse across measures, columns, and visuals. They are enabled by default in the June 2026 Power BI Desktop release, making standards and review practices important for BI teams.
  • Org apps with audiences improve governed distribution
    Org apps in Power BI and Fabric with audiences allow multiple org apps per workspace and audience-specific content and navigation. This helps different groups receive tailored experiences from a single governed app model.
  • Purview protection policies for Power BI reach general availability
    Microsoft Purview protection policies are generally available for Power BI and let organizations restrict access to semantic models based on sensitivity labels. Unauthorized users are blocked automatically at runtime regardless of workspace access, which is important for regulated or confidential data models.

Foundry

Foundry: Models, Agents, Retrieval, and Scientific AI Workflows Expand

Foundry’s focus is enterprise-grade AI model access, agent platform tooling, multi-source retrieval, and governed research workflows. The updates affect Claude models, Visual Studio Code tooling, Voice Live, Toolboxes, agent memory, routines, Foundry IQ, first-party Microsoft AI models, and Microsoft Discovery.

  • Claude is generally available in Microsoft Foundry
    Claude is now generally available in Microsoft Foundry, hosted on Azure and running on NVIDIA GB300 Blackwell Ultra systems. The initial models include Claude Opus 4.8 and Claude Haiku 4.5 through the Messages API, with inference in Global or US data zones and billing through Claude Consumption Units on the Azure invoice.
  • Foundry agent tooling and voice capabilities mature
    Foundry made the Foundry Toolkit for Visual Studio Code and Voice Live for prompt agents generally available. Toolboxes, agent memory, and routines moved into public preview, while hosted agents are on track for general availability by July.
  • Foundry IQ introduces a single retrieval layer for agents
    Foundry IQ is a knowledge layer that grounds agents across Work IQ, Fabric IQ, Azure SQL, file search, and Model Context Protocol sources behind a single retrieval endpoint. Multi-source knowledge bases are generally available, and serverless retrieval is in public preview.
  • Microsoft adds four first-party AI models to Foundry
    Microsoft added MAI Thinking 1 for reasoning, MAI Image 2.5 for image generation and editing, MAI Transcribe 2 for speech-to-text with speaker diarization, and MAI Voice 2 for multilingual text-to-speech with voice cloning. These models are in public preview and should be reviewed for approved use cases, data handling, and content governance.
  • Microsoft Discovery reaches general availability
    Microsoft Discovery, an enterprise platform for building and governing agentic AI workflows across scientific and engineering research and development, is generally available. A free local Microsoft Discovery app is also in preview and runs with a GitHub Copilot account.

Intune

Intune: Apple Management, Protected Apps, and Admin Center Changes Continue

Intune’s focus is platform lifecycle readiness, macOS app maintenance, iOS app protection, Apple device management strategy, and compliance-bound app management expansion. The updates affect macOS, iOS, iPadOS, Company Portal behavior, protected apps, GCC High, DoD, and Microsoft 365 Apps policy configuration.

  • Future macOS support requirements are changing
    Intune will support macOS 15 and later when Apple releases macOS 27, while devices on macOS 14.x or below remain enrolled but cannot be newly enrolled. Admins should identify older Macs and update lifecycle planning before enrollment restrictions affect users.
  • Future iOS and iPadOS support requirements are changing
    Intune will require iOS and iPadOS 18 or later after Apple releases iOS and iPadOS 27. This gives admins time to identify affected devices, update user communications, and align enrollment guidance with future Apple platform requirements.
  • Service release 2606 improves macOS PKG app updates
    Intune service release 2606 adds automatic updates for available macOS PKG apps when administrators upload a newer version of the same app policy and the app is already installed. This reduces reliance on users selecting Install or Reinstall in Company Portal and makes macOS app maintenance more consistent.
  • Intune-protected iOS app prompts are being refreshed
    Intune-protected iOS apps using newer SDK versions are getting refreshed prompts, full-screen messages, and expanded remove-account options. iOS apps using older Intune MAM SDK versions will show non-blocking warnings so users can update before compatibility or security enforcement becomes stricter.
  • Apple device management guidance highlights strategic priorities
    Microsoft published new guidance describing Intune priorities for Apple device management, including Apple declarative device management investments and data-driven settings catalog support for new platform controls. Apple-heavy environments should review this before fall OS upgrades.
  • ChatGPT is listed as a protected app, and Enterprise App Management expands
    ChatGPT is now listed as a protected app for Microsoft Intune, and Enterprise App Management is now supported for GCC High and DoD environments. This is especially important for customers needing packaged Microsoft and third-party app deployment inside compliance boundaries.
  • Microsoft 365 Apps policy configuration is moving
    Microsoft 365 Apps policy configuration is moving out of the Intune admin center and into the Microsoft 365 Apps admin center. Admins should update operational documentation and confirm who owns policy management after the transition.

Loop

Loop: Departed-User Content Workflows Improve Lifecycle Control

Loop’s focus is on improving governance for user-owned workspaces when employees leave the organization. The update affects content retention, deletion, and temporary administrative access.

  • Loop adds departed-user content workflows. Loop adds departed-user content workflows for user-owned workspaces, allowing admins to manage retention, deletion, and temporary access when users leave. This matters because unmanaged collaborative content can create compliance, eDiscovery, and data loss risks after employee departure.

What to Consider: Organizations using Loop should align departed-user workflows with records retention, legal hold, and offboarding policies.

Microsoft 365 Apps

Microsoft 365 Apps: Certificate, Channel, and Packaging Updates Affect Readiness

Microsoft 365 Apps’ focus is on application support continuity, channel simplification, and packaging changes that add security and productivity capabilities. The updates affect Mac, iOS, enterprise update channels, Defender Plan 1, URL protection, Intune improvements, and Exchange Online storage.

  • Mac and iOS apps require updates before July 13, 2026
    Microsoft 365 Apps on Mac and iOS need updates before July 13, 2026, due to certificate expiration. Unsupported versions will move into read-only mode, creating a user productivity impact if devices are not updated in time.
  • Enterprise update channels are being unified
    Beginning with Version 2606 in July 2026, Microsoft is unifying Semi-Annual Enterprise Channel and Monthly Enterprise Channel into one enterprise-focused channel for Microsoft 365 Apps. Devices currently configured for Semi-Annual Enterprise Channel will receive the same feature and security updates and appear as Monthly Enterprise Channel after Version 2606.
  • The 2026 Microsoft 365 Packaging Update adds security and productivity features
    The 2026 packaging update adds capabilities to Microsoft 365 plans, including Defender Plan 1, URL time-of-click protection, Intune improvements, and additional Exchange Online storage. Organizations should review licensing, security baselines, and storage planning to understand how planned value and controls change.

OneDrive

OneDrive: Retention Lifecycle, Domain Changes, and Attachment Protections Advance

OneDrive’s focus is account lifecycle governance, domain modernization, sync reliability, folder organization, and email attachment protection. The updates affect unlicensed accounts, SharePoint-based URLs, cloud.microsoft, Windows Sync builds, shortcuts, and Mark of the Web.

  • Unlicensed OneDrive accounts enter a staged retention lifecycle
    Unlicensed OneDrive accounts move through a staged retention lifecycle starting July 2026, including read-only access, archive, and eventual deletion risk if left unresolved. Admins should review orphaned accounts, retention requirements, legal hold scenarios, and ownership transfer processes before data becomes harder to access.
  • OneDrive is moving to the cloud.microsoft domain
    OneDrive is moving to the cloud.microsoft domain while existing SharePoint-based URLs continue to work. Admins have until June 2027 to update documentation and custom solutions, which is important for integrations, user guidance, and security allowlists.
  • OneDrive Sync adds reliability, first-run, and folder-name controls
    OneDrive Sync released multiple Windows Production Ring builds in June 2026 with reliability and performance fixes. Current notes also highlight a File Explorer option to move folders directly to OneDrive, a rebuilt first-run experience, and administrator control over custom local OneDrive folder names to reduce path length issues.
  • Shortcuts and Outlook-saved attachments become more secure and organized
    OneDrive will offer a dedicated Shortcuts folder when users add shortcuts, reducing clutter in the root. Attachments saved from Outlook to OneDrive now include the Mark of the Web security tag, helping Windows security features such as Protected View apply when those files are opened.

Outlook

Outlook: Mobile Changes, Copilot Support, and PST Capabilities Expand

Outlook’s focus is modernizing user workflows across mobile, Copilot-assisted composition, reusable content, and PST handling. The updates affect calendar sharing, shared and delegate mailboxes, Quick Parts, PST import and export, and retention or eDiscovery expectations.

  • Outlook Mobile is retiring Send Availability and adding Follow RSVP
    Outlook Mobile is retiring Send Availability, so users will need to manually share calendar availability in email after the feature is removed. Outlook Mobile is also adding a Follow RSVP option so users can receive updates from meetings they do not plan to attend.
  • Outlook adds Copilot and account workflow improvements
    Outlook added Copilot Chat coaching directly in compose, Copilot Chat support from shared and delegate mailboxes, and a streamlined Account Manager experience. These changes can improve productivity, but organizations should review how shared mailbox use aligns with Copilot access and data governance expectations.
  • Quick Parts arrives in new Outlook
    New Outlook added Quick Parts on June 26, allowing users to save and reuse blocks of content in email. This is useful for service teams, project teams, and other users who send repeatable customer or internal communications.
  • PST import and export capabilities expand
    PST import now supports all item types, including calendar events, contacts, and tasks, and users can move emails in bulk when exporting to PST files. Admins should review whether these features affect retention, eDiscovery, records management, and user-driven data movement expectations.

Planner

Planner: Templates and Date Flexibility Improve Task Management

Planner’s focus is on improving repeatability and reducing date constraints in task planning. The updates affect Microsoft 365 Groups, reusable plan structures, start dates, and due dates.

  • Planner custom templates support reusable plans
    Planner custom templates allow users to turn plans into reusable templates shared within Microsoft 365 Groups. This can reduce setup time for repeatable projects and improve consistency across teams.
  • Planner start and due dates are now independent
    Planner start dates and due dates are no longer constrained, allowing users to set either date independently. This gives teams more flexibility but may require review of reports, automations, or assumptions that previously depended on date order.

Power Platform

Power Platform: Agent Learning, Connector Governance, and Process Mining Mature

Power Platform’s focus is on improving agent learning, tenant inventory, connector control, desktop automation, and process analysis. The updates affect Power Apps, Model Context Protocol servers, advanced connector policies, inventory APIs, Azure Resource Graph, Power Automate for desktop, Dataverse, and process mining.

  • Closed-loop learning improves agents connected to the Power Apps MCP server
    Closed-loop learning starts with the data entry tool, where every user correction persists as structured memory that the agent retrieves and applies on future runs. The feedback loop runs automatically in production with no configuration or data pipelines required, making governance over learned behavior important.
  • Advanced connector policies reach general availability
    Advanced connector policies let admins govern not only which connectors are allowed, but which specific actions and Model Context Protocol servers inside them AI tools can use across a tenant. This gives Power Platform admins finer-grained control over data access and agent tool usage.
  • Power Platform inventory enters public preview
    Power Platform inventory shows connectors and connector operations used by every canvas app, model-driven app, cloud flow, agent flow, and agent in a tenant. The data is also queryable through the Power Platform inventory API and Azure Resource Graph, improving governance, audit, and risk analysis.
  • Power Automate for desktop adds side-by-side version comparison
    Power Automate for desktop added side-by-side version comparison to its built-in version control. Makers can compare subflows, actions, variables, user interface elements, and images, with versions stored in Microsoft Dataverse for up to twelve months.
  • Desktop flows can run Power Apps in public preview
    A new run Power App action entered public preview in Power Automate for desktop version 2.68 and later. It lets a desktop flow open a Power App, pass inputs into the app, capture outputs back into the flow, and trigger callable subflows from app events.
  • Object-centric process mining reaches general availability
    Object-centric process mining in Power Automate is generally available and lets analysts model real-world processes that span multiple related objects instead of a single case identifier. This supports more accurate process analysis for complex workflows such as order-to-cash, incident response, and service operations.

Purview Information Protection

Purview Information Protection: Retention, DLP, AI Interactions, and Role Governance Expand

Purview’s focus is improving data lifecycle management, AI interaction governance, endpoint DLP investigations, sensitive data protection, and compliance administration. The updates affect OneDrive, SharePoint, Planner, Copilot and AI app interactions, Entra Global Secure Access, endpoint DLP, credentials, role assignments, labels, Power Automate, and Microsoft 365 Copilot Cowork.

  • Retention based on the last accessed date is coming to OneDrive and SharePoint
    Purview Data Lifecycle Management will support retention based on the last accessed date for OneDrive and SharePoint files. This helps reduce stale content and improve Copilot relevance, while also requiring careful review for legal hold, records retention, and business-critical archive scenarios.
  • Planner tasks gain retention and deletion policy support
    Data Lifecycle Management adds retention and deletion policy support for Microsoft Planner tasks. This matters because task content may include project decisions, operational commitments, customer details, or regulated information that needs lifecycle governance.
  • AI interaction insights support governance decisions
    Data Lifecycle Management is adding insights for Copilot and AI app interactions to support retention, governance, and data security decisions. These insights can help organizations understand where AI interactions create data lifecycle, compliance, or exposure risks.
  • Data Security Investigations adds endpoint DLP sources and templates
    Data Security Investigations includes endpoint DLP events as a queryable source for analyzing files tied to DLP alerts. Templates for common data security scenarios make investigations faster and more consistent.
  • Purview previews sensitive data protection for text and prompts through Global Secure Access
    Purview introduced a preview for protecting sensitive data in text and prompts through integration with Microsoft Entra Global Secure Access. This E7 feature allows organizations to intercept and inspect text and AI interactions at the network layer and enforce DLP actions for browsers, apps, APIs, add-ins, generative AI platforms, social media, and collaboration platforms.
  • Data Security Posture Agent adds credential scanning
    Purview Data Security Posture Agent is adding credential scanning to identify exposed secrets such as keys, tokens, and credentials. This is important for reducing the risk of credential leakage through files, prompts, repositories, and collaboration content.
  • Compliance role assignments can expire
    Purview compliance portal role assignments can now have expiration dates. This supports temporary access for security and compliance administration and reduces persistent privileged access risk.
  • Sensitivity labels can block connected experiences that analyze content
    Labels can block connected experiences that analyze content in Word, Excel, and PowerPoint. This broadens protection for sensitive files by limiting analysis features when label policy requires stronger control.
  • Records Management integrates with Power Automate
    Purview Records Management is integrating with Power Automate so organizations can trigger workflows when retention-labeled items reach the end of retention. This can support disposition review, approvals, notifications, and downstream compliance processes.
  • Endpoint DLP device attributes become available in Advanced Hunting
    Endpoint DLP device attribute data became queryable through Advanced Hunting in the Microsoft Defender portal using the DeviceInfo table DlpInfo column. This gives security teams another way to investigate device-level DLP context alongside Defender telemetry.
  • Purview protections for Microsoft 365 Copilot Cowork reach general availability
    Purview data security and compliance protections for Microsoft 365 Copilot Cowork are now generally available. Organizations using Copilot Cowork should review retention, sensitivity, and compliance controls before expanding agentic task execution.

SharePoint Online

SharePoint Online: Retirement Deadlines and AI-Enabled Site Experiences Accelerate

SharePoint Online’s focus is on retiring legacy components, improving external sharing governance, expanding AI-assisted publishing, and strengthening site administration. The updates affect SharePoint Designer, InfoPath, Remote Event Receivers, Restricted SharePoint Search, SharePoint Alerts, One-Time Passcode authentication, home sites, Advanced Management, agents, Copilot, Embedded apps, and storage billing.

  • SharePoint Designer 2013 and InfoPath reach end of support on July 14
    SharePoint Designer 2013 reaches end of support on July 14, with no further updates or fixes. The same applies to the InfoPath 2013 client and InfoPath Forms Services in SharePoint Online, so organizations should migrate dependent workflows and forms.
  • Remote Event Receivers retire July 1, 2027
    Remote Event Receivers in SharePoint Online retire July 1, 2027. Organizations should migrate to SharePoint webhooks or Microsoft Graph change notifications to avoid broken integrations.
  • Restricted SharePoint Search is retiring
    Restricted SharePoint Search retires January 31, 2027, and new enablement is blocked after July 31, 2026. Admins should review search governance, Copilot readiness, and alternative controls before the feature is removed.
  • SharePoint Alerts are being fully retired
    SharePoint Alerts are being retired, and users should move notification scenarios to Power Automate or SharePoint Rules. This requires communication and migration planning for teams that depend on legacy alerting.
  • One-Time Passcode authentication is retiring for SharePoint
    SharePoint One-Time Passcode authentication is retiring in favor of Microsoft Entra B2B. This improves governance and conditional access for external sharing, but admins should review guest access policies and partner onboarding processes.
  • Home site management reaches general availability
    SharePoint home site updates rolled out to general availability, allowing admins to create and designate home sites directly from the SharePoint admin center. New Resources and Announcements web parts and Teams app configuration from the home site experience improve intranet management.
  • SharePoint Advanced Management adds custom site groups
    SharePoint Advanced Management can create custom groups of sites using CSV uploads, site properties, and Entra ID attributes for governance and reporting. This helps admins apply policies and analyze risk across logical groups of sites.
  • Custom skills and agents expand AI in SharePoint
    Custom skills for AI in SharePoint let users with edit permission create reusable natural-language tasks stored in the Agent Assets library. SharePoint agents also have a simpler launch experience with site-level AI settings that let owners control highlighted agents.
  • Copilot-assisted page creation expands, and Copilot in SharePoint becomes an opt-out preview
    Copilot-assisted page creation in SharePoint adds a new entry point for creating pages and news posts from prompts. Copilot in SharePoint has shifted from opt-in preview to opt-out preview for users with Microsoft 365 Copilot licenses, with tenant and site controls available through SharePoint Online PowerShell.
  • The new SharePoint experience adds AI-assisted discovery and publishing
    The new SharePoint experience includes a redesigned app bar and AI-assisted capabilities for discovery, publishing, and site building. Organizations should review governance settings before expanding AI-assisted content creation to more site owners.
  • SharePoint Embedded app management and storage overage billing improve
    The SharePoint admin center adds a unified Apps page for creating and managing SharePoint Embedded apps, including owners, billing, and lifecycle management. SharePoint storage overages can also use a pay-as-you-go billing model integrated with Microsoft 365 Archive for additional storage needs.

Teams

Teams Admin Center — Centralized Agent Governance
  • Teams admin center adds centralized governance for built-in agents
    Teams admin center is adding centralized governance for built-in agents such as Channel Agent, Facilitator, and Copilot Agent. Admins will have separate policy controls and user or group assignment, which supports more targeted rollout, delegated testing, and risk management.
Teams Chat & Channels — Better Guest Invites and Conversation Continuity
  • Guest invitation emails will come from the inviter’s address
    Teams guest invitation emails will come from the inviter’s email address instead of a no-reply address. This should make guest invitations more recognizable to external recipients and may improve acceptance rates for partner and customer collaboration.
  • Teams preserves the conversation layout for returning users
    Teams now preserves selected tabs, opened side panels, and layout when users return to a conversation within a short duration of time. This reduces context switching and helps users resume work quickly without rebuilding their workspace each time they move between chats or channels.
Teams Meetings — Meeting Governance, Recap, and Event Control
  • Teams meetings can link directly to Planner plans
    Teams meetings and Planner plans can be linked so tasks created from meetings can flow into an existing plan instead of creating duplicate planning spaces. This improves continuity between meeting decisions and execution while helping teams avoid fragmented task tracking.
  • Teams is refreshing the in-meeting experience
    Teams is updating the in-meeting experience with simplified controls, a separate Leave button, customizable controls, and a smarter share panel with live previews. Admins should update user guidance because common meeting actions will look and behave differently after rollout.
  • AI meeting recap can generate summaries without retained transcripts or recordings
    Teams AI meeting recap can generate summaries without retaining transcripts or recordings. This supports organizations with stricter compliance policies, but admins should still review retention, legal hold, and meeting data governance requirements before enabling or expanding usage.
  • Recording expiration and deletion notifications gain tenant-wide controls
    Teams meeting recording expiration and deletion notification emails can now be controlled tenant-wide through PowerShell. This matters for organizations that need consistent communication around meeting recording lifecycle, storage cleanup, and retention expectations.
  • Graph API transcript access controls improve transcript governance
    Teams Graph API transcript access controls let admins govern application access to meeting transcripts. This improves control over sensitive meeting data and helps reduce unnecessary application access to transcript content that may include confidential business, legal, HR, or customer information.
  • Teams Facilitator can proactively address meeting knowledge gaps
    Teams Facilitator for licensed Microsoft 365 Copilot users can proactively identify knowledge gaps in meetings, search the web, and post relevant answers into meeting chat when enabled. Admins should review grounding, user consent, and meeting policy implications before enabling this experience.
  • Private chat supports organizers, co-organizers, and presenters
    Teams private chat for organizers, co-organizers, and presenters provides a consistent backroom chat experience for structured meetings, webinars, and town halls. This gives event teams a dedicated coordination space without relying on separate chats or external communication channels.
  • External assistant bots will be labeled in meetings
    Teams will label external assistant bots that attempt to join meetings, giving organizers clearer approval and removal controls. This improves visibility into non-human participants and supports better meeting security for sensitive discussions.
  • Town halls support managed custom backgrounds
    Teams town halls allow Teams Premium organizers and presenters to upload custom backgrounds in managed attendee layouts. This helps organizations create more polished branded events while maintaining administrative control over the attendee experience.
  • RTMP-In settings require updated allowlisting
    Teams RTMP-In settings require updated port and domain allowlisting for new events by mid-July 2026. Admins supporting live events should validate firewall, proxy, and network configurations to avoid disruption for future broadcasts.
  • Teams will send role-specific meeting invites
    Teams will send role-specific invites for attendees, presenters, and co-organizers so participants better understand their meeting role. This can reduce confusion before structured meetings, webinars, and town halls by making expectations clearer before users join.
Teams Rooms — Android Management and Structured Meeting Support
  • Android device management is moving to Teams Rooms Pro Management
    Android device management is moving from the Teams admin center to the Teams Rooms Pro Management portal, with older management paths deprecated by September 2026. Organizations should update operational procedures, permissions, and support documentation before the legacy management paths are removed.
  • Teams Rooms on Android can join webinars and structured meetings as attendees
    Teams Rooms on Android can join webinars and structured meetings as attendees when devices are licensed and updated. This expands room participation options for larger events and formal meeting formats, but admins should validate device readiness and licensing before relying on the capability.
Teams Phone — Safer Calling and Smarter Voice Workflows
  • Brand Impersonation Protection warns users about suspicious calls
    Brand Impersonation Protection for Teams Calling warns users about suspicious inbound calls from first-contact external callers. This helps reduce social engineering risk in voice workflows, especially for users who frequently receive calls from customers, vendors, or unknown external parties.
  • Auto Attendant and Call Queue setup is being improved
    Teams admin center is improving the Auto Attendant and Call Queue configuration wizard for clearer and faster voice app setup. This should reduce configuration friction for administrators managing front office, help desk, and customer-facing calling workflows.
  • Incoming calls can appear in a small, resizable window
    Teams adds a setting that lets users view incoming calls in a small resizable window while they continue working. This improves multitasking for users who manage frequent calls without forcing a full context switch.
  • Call transfer workflows are improving on Windows and Mac
    Teams Phone users on Windows and Mac are getting call transfer improvements that streamline the workflow and add transfer suggestions. Organizations with help desks, front office teams, and high call volume users should communicate the change because it alters a common calling workflow in the desktop client.
  • Teams Phone Agent and custom voice agents support AI-assisted calling
    Microsoft announced Teams Phone Agent and custom voice agents built in Copilot Studio to help organizations respond to call surges and create more intelligent voice-based customer interactions. This is most relevant for service desks, customer service teams, and departments evaluating AI-assisted call handling.
Teams Premium — Queue Recording, Transcription, and Mobile Management
  • Call Queues are adding automatic recording and transcription
    Teams Call Queues are adding automatic recording and transcription, with per-queue admin controls and SharePoint storage. Admins should review consent, retention, legal hold, storage, and access policies because call recordings and transcripts may contain customer data, regulated information, or sensitive operational details.
  • The Queues app on Teams mobile supports queue management
    The Queues app on Teams mobile lets representatives and supervisors manage call queues, view queue details, review history, and control participation from iOS and Android. This improves flexibility for mobile supervisors and frontline teams that need visibility into queue activity away from a desktop.

Windows

Windows: Server Hotpatching, Windows 11 Preview, and Kerberos Hardening Continue

Windows’ focus is lifecycle extension, preview readiness, Start menu policy management, state roaming changes, and authentication hardening. The updates affect Windows Server 2022 Azure Edition, Windows 11 version 26H2, Windows Backup for Organizations, and Kerberos RC4 protections.

  • Windows Server 2022 hotpatch support is extended
    Windows Server 2022 hotpatch support for Azure Edition is extended through October 2027. This gives organizations more time to use reboot-reducing patching models for supported server workloads.
  • Windows 11 version 26H2 is available to preview
    Windows 11 version 26H2 is available through the Windows Insider Program, with general availability planned for the second half of 2026. Enterprises should use preview channels to validate applications, policies, drivers, and security tooling before broad deployment.
  • The Windows 11 Start menu adds organizational customization policies
    The updated Windows 11 Start menu is rolling out with new customization policies for organizations. Admins should review user experience standards and policy controls before the change reaches production devices.
  • Enterprise State Roaming management moves to Windows Backup for Organizations
    Enterprise State Roaming management has moved to Windows Backup for Organizations, which becomes the new default management experience for Enterprise State Roaming settings. Endpoint teams should update administrative documentation and confirm settings continue to align with user data protection expectations.
  • Kerberos RC4 hardening reaches final deployment
    The July 2026 Windows security update completes the final deployment phase of Kerberos RC4 hardening protections. Organizations should validate legacy authentication dependencies to avoid disruptions as weaker Kerberos encryption support is hardened.

Windows 365

Windows 365: Isolated Cloud PCs for Agents Reach General Availability

Windows 365’s focus is on providing managed, isolated compute for AI agents. The update connects Windows 365, Intune management, and agent execution isolation.

  • Windows 365 for Agents is generally available
    Windows 365 for Agents is now generally available as an Intune-managed Cloud PC for running agents in isolation. This matters because it gives organizations a managed environment for agent execution that can be governed separately from user endpoints.

What to Consider: Organizations adopting agents should evaluate whether isolated Cloud PCs reduce endpoint risk, improve governance, and simplify lifecycle management for agent workloads.

 

Get in Touch with Us

Connect with an expert to learn what we can do for your business.

Request Access to Win Wires

Enter your work email to request access to the eGroup Win Wires repository.

By requesting access, you confirm you are using an approved business email domain. You’ll receive a secure, one-time login link after returning to the Win Wires page.