check before: 2022-05-05
Product:
Defender, Defender for Office 365, Microsoft 365 Defender
Platform:
US Instances, Web, World tenant
Status:
Launched
Change type:
Admin impact, Feature update, Updated message
Details:
Updated December 27, 2022: We have updated the rollout timeline below. Thank you for your patience.
We will be updating the current zero-hour auto purge (ZAP) alerts and introduce a new ZAP alert that will notify you if a message has not been removed by ZAP.
Updates to the ZAP alerts will include:
Scoping the success ZAP alerts for only ZAP related scenarios. You will no longer be alerted as part of the ZAP alert for Dynamic Delivery scenarios.
A new failure ZAP alert is being introduced. You will receive an alert when a message was not successfully removed from the mailbox. Manual action will be required to remediate the message. The alert will be correlated and linked to both Automated Investigation and Response (AIR) and Incidents. The alert will be on by default and can be configured in alert policies.
This message is associated with Microsoft 365 Roadmap ID 93206.
[When this will happen:]
We expect these updates to roll out in early November (previously mid-October) and expect to be complete by mid-January (previously early December).
Change Category:
XXXXXXX ... free basic plan only
Scope:
XXXXXXX ... free basic plan only
Release Phase:
General Availability
Created:
2022-04-21
updated:
2022-12-28
Task Type
XXXXXXX ... free basic plan only
Docu to Check
XXXXXXX ... free basic plan only
MS How does it affect me
XXXXXXX ... free basic plan only
MS Preperations
XXXXXXX ... free basic plan only
MS Urgency
XXXXXXX ... free basic plan only
MS workload name
XXXXXXX ... free basic plan only
linked item details
XXXXXXX ... free basic plan only
additional Info URL
XXXXXXX ... free basic plan only
** AI generated content. This information is not reliable.
the free basic plan is required to see all details. Sign up here
change history
| Date | Property | old | new |
| 2022-12-28 | MC Platforms | Web | |
| 2022-12-28 | MC Last Updated | 10/31/2022 18:21:54 | 2022-12-27T19:10:00Z |
| 2022-12-28 | MC Messages | Updated October 31, 2022: We have updated the rollout timeline below. Thank you for your patience.
We will be updating the current zero-hour auto purge (ZAP) alerts and introduce a new ZAP alert that will notify you if a message has not been removed by ZAP. Updates to the ZAP alerts will include: Scoping the success ZAP alerts for only ZAP related scenarios. You will no longer be alerted as part of the ZAP alert for Dynamic Delivery scenarios. A new failure ZAP alert is being introduced. You will receive an alert when a message was not successfully removed from the mailbox. Manual action will be required to remediate the message. The alert will be correlated and linked to both Automated Investigation and Response (AIR) and Incidents. The alert will be on by default and can be configured in alert policies. This message is associated with Microsoft 365 Roadmap ID 93206. [When this will happen:] We expect these updates to roll out in early November (previously mid-October) and expect to be complete by early December (previously mid-November). | Updated December 27, 2022: We have updated the rollout timeline below. Thank you for your patience.
We will be updating the current zero-hour auto purge (ZAP) alerts and introduce a new ZAP alert that will notify you if a message has not been removed by ZAP. Updates to the ZAP alerts will include: Scoping the success ZAP alerts for only ZAP related scenarios. You will no longer be alerted as part of the ZAP alert for Dynamic Delivery scenarios. A new failure ZAP alert is being introduced. You will receive an alert when a message was not successfully removed from the mailbox. Manual action will be required to remediate the message. The alert will be correlated and linked to both Automated Investigation and Response (AIR) and Incidents. The alert will be on by default and can be configured in alert policies. This message is associated with Microsoft 365 Roadmap ID 93206. [When this will happen:] We expect these updates to roll out in early November (previously mid-October) and expect to be complete by mid-January (previously early December). |
| 2022-12-28 | MC End Time | 01/06/2023 08:00:00 | 2023-02-17T08:00:00Z |
| 2022-11-01 | MC Last Updated | 10/07/2022 17:45:22 | 2022-10-31T18:21:54Z |
| 2022-11-01 | MC Messages | Updated October 7, 2022: We have updated the rollout timeline below. Thank you for your patience.
We will be updating the current zero-hour auto purge (ZAP) alerts and introduce a new ZAP alert that will notify you if a message has not been removed by ZAP. Updates to the ZAP alerts will include: Scoping the success ZAP alerts for only ZAP related scenarios. You will no longer be alerted as part of the ZAP alert for Dynamic Delivery scenarios. A new failure ZAP alert is being introduced. You will receive an alert when a message was not successfully removed from the mailbox. Manual action will be required to remediate the message. The alert will be correlated and linked to both Automated Investigation and Response (AIR) and Incidents. The alert will be on by default and can be configured in alert policies. This message is associated with Microsoft 365 Roadmap ID 93206. [When this will happen:] We expect these updates to roll out in mid-October (previously mid-September) and expect to be complete by mid-November (previously mid-October). | Updated October 31, 2022: We have updated the rollout timeline below. Thank you for your patience.
We will be updating the current zero-hour auto purge (ZAP) alerts and introduce a new ZAP alert that will notify you if a message has not been removed by ZAP. Updates to the ZAP alerts will include: Scoping the success ZAP alerts for only ZAP related scenarios. You will no longer be alerted as part of the ZAP alert for Dynamic Delivery scenarios. A new failure ZAP alert is being introduced. You will receive an alert when a message was not successfully removed from the mailbox. Manual action will be required to remediate the message. The alert will be correlated and linked to both Automated Investigation and Response (AIR) and Incidents. The alert will be on by default and can be configured in alert policies. This message is associated with Microsoft 365 Roadmap ID 93206. [When this will happen:] We expect these updates to roll out in early November (previously mid-October) and expect to be complete by early December (previously mid-November). |
| 2022-11-01 | MC End Time | 12/16/2022 08:00:00 | 2023-01-06T08:00:00Z |
| 2022-10-08 | MC Last Updated | 09/02/2022 21:27:35 | 2022-10-07T17:45:22Z |
| 2022-10-08 | MC Messages | Updated September 2, 2022: We have updated the rollout timeline below. Thank you for your patience.
We will be updating the current zero-hour auto purge (ZAP) alerts and introduce a new ZAP alert that will notify you if a message has not been removed by ZAP. Updates to the ZAP alerts will include: Scoping the success ZAP alerts for only ZAP related scenarios. You will no longer be alerted as part of the ZAP alert for Dynamic Delivery scenarios. A new failure ZAP alert is being introduced. You will receive an alert when a message was not successfully removed from the mailbox. Manual action will be required to remediate the message. The alert will be correlated and linked to both Automated Investigation and Response (AIR) and Incidents. The alert will be on by default and can be configured in alert policies. This message is associated with Microsoft 365 Roadmap ID 93206. [When this will happen:] We expect these updates to roll out in mid-September (previously late August) and expect to be complete by mid-October (previously late September). | Updated October 7, 2022: We have updated the rollout timeline below. Thank you for your patience.
We will be updating the current zero-hour auto purge (ZAP) alerts and introduce a new ZAP alert that will notify you if a message has not been removed by ZAP. Updates to the ZAP alerts will include: Scoping the success ZAP alerts for only ZAP related scenarios. You will no longer be alerted as part of the ZAP alert for Dynamic Delivery scenarios. A new failure ZAP alert is being introduced. You will receive an alert when a message was not successfully removed from the mailbox. Manual action will be required to remediate the message. The alert will be correlated and linked to both Automated Investigation and Response (AIR) and Incidents. The alert will be on by default and can be configured in alert policies. This message is associated with Microsoft 365 Roadmap ID 93206. [When this will happen:] We expect these updates to roll out in mid-October (previously mid-September) and expect to be complete by mid-November (previously mid-October). |
| 2022-10-08 | MC End Time | 11/18/2022 08:00:00 | 2022-12-16T08:00:00Z |
| 2022-09-15 | MC prepare | Review the following resources below to learn more:
Microsoft 365 alert policies Zero-hour auto purge in Microsoft Defender for Office 365 ps://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/zero-hour-auto-purge?msclkid=069c1f5cbb5e11ecbc98fe2b7b4d1c02&view=o365-world ps://docs.microsoft.com/microsoft-365/compliance/alert-policies?view=o365-worldwide#:~:text=Default%20alert%20policies%20%20%20%20Default%20alert,Office%203%20...%20%2010%20more%20r ps://docs.microsoft.com/microsoft-365/security/office-365-security/office-365-air?view=o365-world ps://security.microsoft.com/alertpolici ps://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=93206 | Review the following resources below to learn more:
Microsoft 365 alert policies Zero-hour auto purge in Microsoft Defender for Office 365 https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/zero-hour-auto-purge?msclkid=069c1f5cbb5e11ecbc98fe2b7b4d1c02&view=o365-worldwide https://docs.microsoft.com/microsoft-365/compliance/alert-policies?view=o365-worldwide#:~:text=Default%20alert%20policies%20%20%20%20Default%20alert,Office%203%20...%20%2010%20more%20rows%20 https://docs.microsoft.com/microsoft-365/security/office-365-security/office-365-air?view=o365-worldwide https://security.microsoft.com/alertpolicies https://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=93206 |
| 2022-09-03 | MC Last Updated | 08/12/2022 17:15:21 | 2022-09-02T21:27:35Z |
| 2022-09-03 | MC Messages | Updated August 12, 2022: We have updated the rollout timeline below. Thank you for your patience.
We will be updating the current zero-hour auto purge (ZAP) alerts and introduce a new ZAP alert that will notify you if a message has not been removed by ZAP. Updates to the ZAP alerts will include: Scoping the success ZAP alerts for only ZAP related scenarios. You will no longer be alerted as part of the ZAP alert for Dynamic Delivery scenarios. A new failure ZAP alert is being introduced. You will receive an alert when a message was not successfully removed from the mailbox. Manual action will be required to remediate the message. The alert will be correlated and linked to both Automated Investigation and Response (AIR) and Incidents. The alert will be on by default and can be configured in alert policies. This message is associated with Microsoft 365 Roadmap ID 93206. [When this will happen:] We expect these updates to roll out in late August (previously early August) and expect to be complete by late September (previously mid-September). | Updated September 2, 2022: We have updated the rollout timeline below. Thank you for your patience.
We will be updating the current zero-hour auto purge (ZAP) alerts and introduce a new ZAP alert that will notify you if a message has not been removed by ZAP. Updates to the ZAP alerts will include: Scoping the success ZAP alerts for only ZAP related scenarios. You will no longer be alerted as part of the ZAP alert for Dynamic Delivery scenarios. A new failure ZAP alert is being introduced. You will receive an alert when a message was not successfully removed from the mailbox. Manual action will be required to remediate the message. The alert will be correlated and linked to both Automated Investigation and Response (AIR) and Incidents. The alert will be on by default and can be configured in alert policies. This message is associated with Microsoft 365 Roadmap ID 93206. [When this will happen:] We expect these updates to roll out in mid-September (previously late August) and expect to be complete by mid-October (previously late September). |
| 2022-09-03 | MC End Time | 10/31/2022 08:00:00 | 2022-11-18T08:00:00Z |
| 2022-08-27 | MC prepare | Review the following resources below to learn more:
Microsoft 365 alert policies Zero-hour auto purge in Microsoft Defender for Office 365 https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/zero-hour-auto-purge?msclkid=069c1f5cbb5e11ecbc98fe2b7b4d1c02&view=o365-worldwide https://docs.microsoft.com/microsoft-365/compliance/alert-policies?view=o365-worldwide#:~:text=Default%20alert%20policies%20%20%20%20Default%20alert,Office%203%20...%20%2010%20more%20rows%20 https://docs.microsoft.com/microsoft-365/security/office-365-security/office-365-air?view=o365-worldwide https://security.microsoft.com/alertpolicies https://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=93206 | Review the following resources below to learn more:
Microsoft 365 alert policies Zero-hour auto purge in Microsoft Defender for Office 365 ps://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/zero-hour-auto-purge?msclkid=069c1f5cbb5e11ecbc98fe2b7b4d1c02&view=o365-world ps://docs.microsoft.com/microsoft-365/compliance/alert-policies?view=o365-worldwide#:~:text=Default%20alert%20policies%20%20%20%20Default%20alert,Office%203%20...%20%2010%20more%20r ps://docs.microsoft.com/microsoft-365/security/office-365-security/office-365-air?view=o365-world ps://security.microsoft.com/alertpolici ps://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=93206 |
| 2022-08-13 | MC Last Updated | 07/19/2022 18:01:32 | 2022-08-12T17:15:21Z |
| 2022-08-13 | MC Messages | Updated July 19, 2022: We have updated the rollout timeline below. Thank you for your patience.
We will be updating the current zero-hour auto purge (ZAP) alerts and introduce a new ZAP alert that will notify you if a message has not been removed by ZAP. Updates to the ZAP alerts will include: Scoping the success ZAP alerts for only ZAP related scenarios. You will no longer be alerted as part of the ZAP alert for Dynamic Delivery scenarios. A new failure ZAP alert is being introduced. You will receive an alert when a message was not successfully removed from the mailbox. Manual action will be required to remediate the message. The alert will be correlated and linked to both Automated Investigation and Response (AIR) and Incidents. The alert will be on by default and can be configured in alert policies. This message is associated with Microsoft 365 Roadmap ID 93206. [When this will happen:] We expect these updates to roll out in early August (previously late June) and expect to be complete by mid-September (previously mid-August). | Updated August 12, 2022: We have updated the rollout timeline below. Thank you for your patience.
We will be updating the current zero-hour auto purge (ZAP) alerts and introduce a new ZAP alert that will notify you if a message has not been removed by ZAP. Updates to the ZAP alerts will include: Scoping the success ZAP alerts for only ZAP related scenarios. You will no longer be alerted as part of the ZAP alert for Dynamic Delivery scenarios. A new failure ZAP alert is being introduced. You will receive an alert when a message was not successfully removed from the mailbox. Manual action will be required to remediate the message. The alert will be correlated and linked to both Automated Investigation and Response (AIR) and Incidents. The alert will be on by default and can be configured in alert policies. This message is associated with Microsoft 365 Roadmap ID 93206. [When this will happen:] We expect these updates to roll out in late August (previously early August) and expect to be complete by late September (previously mid-September). |
| 2022-08-13 | MC End Time | 10/18/2022 09:00:00 | 2022-10-31T08:00:00Z |
| 2022-07-20 | MC Last Updated | 06/23/2022 21:31:47 | 2022-07-19T18:01:32Z |
| 2022-07-20 | MC Messages | Updated June 23, 2022: We have updated the rollout timeline below. Thank you for your patience.
We will be updating the current zero-hour auto purge (ZAP) alerts and introduce a new ZAP alert that will notify you if a message has not been removed by ZAP. Updates to the ZAP alerts will include: Scoping the success ZAP alerts for only ZAP related scenarios. You will no longer be alerted as part of the ZAP alert for Dynamic Delivery scenarios. A new failure ZAP alert is being introduced. You will receive an alert when a message was not successfully removed from the mailbox. Manual action will be required to remediate the message. The alert will be correlated and linked to both Automated Investigation and Response (AIR) and Incidents. The alert will be on by default and can be configured in alert policies. This message is associated with Microsoft 365 Roadmap ID 93206. [When this will happen:] We expect these updates to roll out in late June (previously mid-June) and expect to be complete by mid-August (previously mid-July). | Updated July 19, 2022: We have updated the rollout timeline below. Thank you for your patience.
We will be updating the current zero-hour auto purge (ZAP) alerts and introduce a new ZAP alert that will notify you if a message has not been removed by ZAP. Updates to the ZAP alerts will include: Scoping the success ZAP alerts for only ZAP related scenarios. You will no longer be alerted as part of the ZAP alert for Dynamic Delivery scenarios. A new failure ZAP alert is being introduced. You will receive an alert when a message was not successfully removed from the mailbox. Manual action will be required to remediate the message. The alert will be correlated and linked to both Automated Investigation and Response (AIR) and Incidents. The alert will be on by default and can be configured in alert policies. This message is associated with Microsoft 365 Roadmap ID 93206. [When this will happen:] We expect these updates to roll out in early August (previously late June) and expect to be complete by mid-September (previously mid-August). |
| 2022-07-20 | MC End Time | 09/23/2022 09:00:00 | 2022-10-18T09:00:00Z |
| 2022-06-24 | MC Last Updated | 06/07/2022 21:49:52 | 2022-06-23T21:31:47Z |
| 2022-06-24 | MC Messages | Updated June 7, 2022: We have updated the rollout timeline below. Thank you for your patience.
We will be updating the current zero-hour auto purge (ZAP) alerts and introduce a new ZAP alert that will notify you if a message has not been removed by ZAP. Updates to the ZAP alerts will include: Scoping the success ZAP alerts for only ZAP related scenarios. You will no longer be alerted as part of the ZAP alert for Dynamic Delivery scenarios. A new failure ZAP alert is being introduced. You will receive an alert when a message was not successfully removed from the mailbox. Manual action will be required to remediate the message. The alert will be correlated and linked to both Automated Investigation and Response (AIR) and Incidents. The alert will be on by default and can be configured in alert policies. This message is associated with Microsoft 365 Roadmap ID 93206. [When this will happen:] We expect these updates to roll out in mid-June (previously late May) and expect to be complete by mid-July (previously late June). | Updated June 23, 2022: We have updated the rollout timeline below. Thank you for your patience.
We will be updating the current zero-hour auto purge (ZAP) alerts and introduce a new ZAP alert that will notify you if a message has not been removed by ZAP. Updates to the ZAP alerts will include: Scoping the success ZAP alerts for only ZAP related scenarios. You will no longer be alerted as part of the ZAP alert for Dynamic Delivery scenarios. A new failure ZAP alert is being introduced. You will receive an alert when a message was not successfully removed from the mailbox. Manual action will be required to remediate the message. The alert will be correlated and linked to both Automated Investigation and Response (AIR) and Incidents. The alert will be on by default and can be configured in alert policies. This message is associated with Microsoft 365 Roadmap ID 93206. [When this will happen:] We expect these updates to roll out in late June (previously mid-June) and expect to be complete by mid-August (previously mid-July). |
| 2022-06-24 | MC End Time | 08/26/2022 09:00:00 | 2022-09-23T09:00:00Z |
| 2022-06-08 | MC Messages | We will be updating the current zero-hour auto purge (ZAP) alerts and introduce a new ZAP alert that will notify you if a message has not been removed by ZAP.
Updates to the ZAP alerts will include: Scoping the success ZAP alerts for only ZAP related scenarios. You will no longer be alerted as part of the ZAP alert for Dynamic Delivery scenarios. A new failure ZAP alert is being introduced. You will receive an alert when a message was not successfully removed from the mailbox. Manual action will be required to remediate the message. The alert will be correlated and linked to both Automated Investigation and Response (AIR) and Incidents. The alert will be on by default and can be configured in alert policies. This message is associated with Microsoft 365 Roadmap ID 93206. [When this will happen:] We expect these updates to roll out in late May and expect to be complete by late June. | Updated June 7, 2022: We have updated the rollout timeline below. Thank you for your patience.
We will be updating the current zero-hour auto purge (ZAP) alerts and introduce a new ZAP alert that will notify you if a message has not been removed by ZAP. Updates to the ZAP alerts will include: Scoping the success ZAP alerts for only ZAP related scenarios. You will no longer be alerted as part of the ZAP alert for Dynamic Delivery scenarios. A new failure ZAP alert is being introduced. You will receive an alert when a message was not successfully removed from the mailbox. Manual action will be required to remediate the message. The alert will be correlated and linked to both Automated Investigation and Response (AIR) and Incidents. The alert will be on by default and can be configured in alert policies. This message is associated with Microsoft 365 Roadmap ID 93206. [When this will happen:] We expect these updates to roll out in mid-June (previously late May) and expect to be complete by mid-July (previously late June). |
| 2022-06-08 | MC Title | Updates to the Zero-hour auto purge (ZAP) alerts | (Updated) Updates to the Zero-hour auto purge (ZAP) alerts |
| 2022-06-08 | MC Last Updated | 04/21/2022 01:14:23 | 2022-06-07T21:49:52Z |
| 2022-06-08 | MC MessageTagNames | Feature update, Admin impact | Updated message, Feature update, Admin impact |
| 2022-06-08 | MC End Time | 08/05/2022 09:00:00 | 2022-08-26T09:00:00Z |
Last updated 8 months ago
