check before: 2025-09-01
Product:
Defender, Defender for Office 365, Defender XDR, Entra, Microsoft 365 admin center, Teams, Windows
Platform:
Android, iOS, Mac, Online, Web, Windows Desktop, World tenant
Status:
Rolling out
Change type:
New feature, User impact
Details:
Summary:
Microsoft Defender for Office 365 will introduce message warnings in Microsoft Teams for messages containing URLs flagged as Spam, Phish, or Malware. Starting with a public preview in September 2025 and general availability in November 2025, warnings will appear for both recipients and senders, enabled by default and manageable via Teams Admin Center.
Details:
[Introduction]
To help users stay protected from malicious content, we're introducing message warnings in Microsoft Teams. This new feature displays a warning banner on messages containing URLs flagged as Spam, Phish, or Malware-whether the message is internal or external. These warnings enhance user awareness and complement existing security protections like Safe Links and ZAP.
This post is associated with Roadmap ID 502879.
This message center post was created in collaboration with Microsoft Teams and is related to the Teams post MC1148539.
Figure i. Recipient View: Users will find a warning banner on messages containing malicious URLs.
Figure ii. Sender View: Senders will also be notified if their message includes a flagged URL.
[When this will happen:]
Public Preview (Worldwide): Begins early September 2025 and completes by mid-September 2025.
General Availability (Worldwide): Begins early November 2025 and completes by mid-November 2025.
Change Category:
XXXXXXX ... free basic plan only
Scope:
XXXXXXX ... free basic plan only
Release Phase:
General Availability, Preview, Standard Release
Created:
2025-09-11
updated:
2025-09-11
Public Preview Start Date
XXXXXXX ... free basic plan only
Task Type
XXXXXXX ... free basic plan only
Docu to Check
XXXXXXX ... free basic plan only
MS How does it affect me
XXXXXXX ... free basic plan only
MS Preperations
XXXXXXX ... free basic plan only
MS Urgency
XXXXXXX ... free basic plan only
MS workload name
XXXXXXX ... free basic plan only
linked item details
XXXXXXX ... free basic plan only
Pictures
XXXXXXX ... free basic plan only
summary for non-techies**
XXXXXXX ... free basic plan only
Direct effects for Operations**
User Awareness and Security
Users may be exposed to malicious URLs without prior warning, leading to potential phishing attacks and data breaches.
- roles: End Users, IT Support Staff
- references: https://learn.microsoft.com/defender-office-365/mdo-support-teams-about, https://learn.microsoft.com/microsoftteams/malicious-url-protection-teams
Operational Disruption
Increased incidents of malware infections could lead to downtime and operational disruptions, affecting productivity.
- roles: IT Operations, Business Continuity Managers
- references: https://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=502879" target="_blank" rel="nofollow noopener noreferrer">https://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=502879, https://learn.microsoft.com/microsoftteams/malicious-url-protection-teams
Increased Support Requests
The introduction of message warnings without preparation may lead to confusion among users, resulting in a surge of support requests to IT.
- roles: Helpdesk Staff, IT Support Staff
- references: https://learn.microsoft.com/defender-office-365/mdo-support-teams-about, https://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=502879" target="_blank" rel="nofollow noopener noreferrer">https://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=502879
Configutation Options**
XXXXXXX ... paid membership only
Opportunities**
Enhanced User Training on URL Safety
With the introduction of message warnings for malicious URLs, there's an opportunity to enhance user training programs focused on recognizing phishing attempts and understanding the importance of URL safety. This training can be tailored to leverage the new warning feature, making users more aware of potential threats.
- next-steps: Develop a training module that incorporates the new message warning feature, schedule training sessions, and provide ongoing resources for users to reference.
- roles: IT Administrators, Security Officers, Training Coordinators
- references: https://learn.microsoft.com/defender-office-365/mdo-support-teams-about, https://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=502879
Improved Incident Response Protocols
The new warning system can be integrated into incident response protocols, allowing IT teams to react more swiftly to potential threats flagged by the system. This can streamline processes for reporting and mitigating phishing attempts and other malicious activities.
- next-steps: Review and update incident response protocols to include steps for handling warnings from Teams, conduct drills to test the effectiveness of the updated protocols, and ensure all relevant teams are trained.
- roles: IT Security Teams, Incident Response Teams, Compliance Officers
- references: https://learn.microsoft.com/microsoftteams/malicious-url-protection-teams, https://learn.microsoft.com/defender-office-365/mdo-support-teams-about
" target="_blank" rel="nofollow noopener noreferrer">https://learn.microsoft.com/defender-office-365/mdo-support-teams-about
Integration with Existing Security Tools
The message warnings feature can be integrated with existing security tools to enhance overall security posture. For example, integrating with SIEM systems can provide better visibility into potential threats and allow for automated responses.
- next-steps: Evaluate current security tools for compatibility with the new feature, develop an integration plan, and implement the integration while monitoring for effectiveness.
- roles: IT Security Analysts, Systems Administrators, Compliance Officers
- references: https://learn.microsoft.com/defender-office-365/mdo-support-teams-about, https://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=502879
Potentional Risks**
XXXXXXX ... paid membership only
IT Security**
XXXXXXX ... paid membership only
explanation for non-techies**
XXXXXXX ... free basic plan only
** AI generated content. This information must be reviewed before use.
a free basic plan is required to see more details. Sign up here
A cloudsocut.one plan is required to see all the changed details. If you are already a customer, choose login.
If you are new to cloudscout.one please choose a plan.
Last updated 2 weeks ago ago
