New Microsoft Purview data security posture management experience
What is changing?
Previously, Data Security Posture Management had two separate modules for M365 cloud services and AI. These modules are being unified under the DSPM umbrella with Public Preview beginning in December 2025 and GA rollout beginning in April 2026. Purview now also extends coverage beyond Microsoft data with third-party signals from partners like BigID, Cyera, OneTrust, and Varonis, giving security teams a single, streamlined view of sensitive data across clouds and platforms. Additionally, Data Risk Assessments are extended to Fabric and item-level analysis with new remediation actions like bulk disabling of overshared SharePoint links.
What is the impact?
No impact is expected at this time. The “classic” DSPM experience will continue to be supported and existing policies & configurations will remain unchanged.
What needs to be prepared in advance? Nothing at this time.
Microsoft Entra ID: Retirement of duplicative properties in passkey(FIDO2) authentication methods policy
What is changing?
Starting October 2027 and ending November 2027, we will retire the is AttestationEnforced and keyRestrictionsproperties from the existing fido2AuthenticationMethodConfiguration API schema. This change aligns with the latest update to the passkey policy API schema, which introduces support for granular group-based configurations with passkey profiles.
- What is the impact?
• isAttestationEnforced and keyRestrictions properties will be retired.
• New properties are available in the updated passkey policy API schema.
• Existing properties will sync with new ones during the transition period.
• Automations or integrations using retired properties will stop working after the change.
What needs to be prepared in advance? The instructions to prepare for this change and its impact are very technical in nature. Please reference this Microsoft document to learn more.
Microsoft Teams: Private chat for organizers and presenters in structured meetings, webinars, and town halls
What is changing?
Microsoft is introducing a private chat feature for organizers, co-organizers, and presenters in structured meetings and webinars in Microsoft Teams. This separate chat enhances collaboration by allowing key participants to communicate privately before, during, and after the event, without involving attendees. Additionally, Microsoft is unifying backroom chat behavior in town halls to ensure consistent functionality across all structured meetings. Currently, backroom chat behavior
varies depending on whether streaming chat is enabled for town halls and whether the organizer has a Teams Premium license. This update removes that inconsistency.
What is the impact?
Meeting organizers, presenters, and hosts will have “backroom”/private chat enabled that does not include event attendees. Rollout begins in early February 2026 (previously early January) and is expected to complete by mid-February 2026 (previously mid-January).
What needs to be prepared in advance? Forsyte recommends that you communicate this new feature to any Teams users that organize webinars, town halls, or other structured meetings using Microsoft Teams.
Microsoft Defender for Office 365 Zero-hour auto-purge (ZAP) Teams protection capabilities to Defender for Office Plan 1
What is changing?
Zero Hour Auto Purge (ZAP) functionality for Microsoft Teams previously not available with Defender for Office P1 will now be available and enabled by default beginning on January 6, 2026.
What is the impact?
Teams messages, channel posts, and other content containing known malicious URLs will be automatically placed in admin quarantine.
- What needs to be prepared in advance?
- Review ZAP settings in the Microsoft 365 Security portal before January 6, 2026.
- If you want to opt out of the default ON setting, do so via ZAP settings in the Security portal between December 6, 2025, and January 5, 2026.
- Communicate this change to your helpdesk and update internal documentation as needed.
(Update) New update to address issue affecting Windows 10 devices enrolled on Extended Security Updates (ESU)
Microsoft has identified an issue where some Windows 10, version 22H2 devices enrolled in Extended Security Updates (ESU) for commercial customers might fail to install the November 2025 security update (KB5068781) with error 0x800f0922 (CBS_E_INSTALLERS_FAILED). This issue is isolated to devices whose Windows OS licenses were activated via Windows subscription activation through the Microsoft 365 admin center.
The organizations affected by this issue can resolve it by installing KB5072653: Extended Security Updates (ESU) Licensing Preparation Package for Windows 10, which was released on November 17, 2025. Once you install this preparation package (KB5072653), you will be able to deploy the November 2025 security update (KB5068781).
(Updated) Microsoft Publisher will no longer be supported after October 2026
What is changing?
In October 2026, Microsoft Publisher will reach its end of life. After that time, it will no longer be included in Microsoft 365 and existing on-premises suites will no longer be supported. Until then, support for Publisher will continue and users can expect the same experience as today.
What is the impact?
You can continue to use Publisher with its current functionality until October 2026.
Support for the perpetual version of Publisher will end in October 2026, when Office LTSC 2021 reaches end of support. Microsoft 365 customers will not be able to access Publisher from that date forward.
What needs to be prepared in advance? Please advise end users to shift their usage of Microsoft Publisher to other tools available in Microsoft 365.
Microsoft SharePoint: Retirement of IDCRL authentication protocol and enforcement of OpenID Connect and OAuth protocols
What is changing?
Microsoft is retiring the legacy Identity Client Run Time Library (IDCRL) authentication protocol in SharePoint Online and OneDrive for Business in favor of more modern authentication protocols – Open ID Connect (OIDC) and OAuth.
What is the impact?
Legacy script, automations, or applications that rely on legacy authentication protocols to integrate with SharePoint Online and/or OneDrive will no longer function with gradual disablement taking place between January 31, 2026 and May 1, 2026.
What needs to be prepared in advance? If your organization has already disabled legacy authentication to all cloud applications within Microsoft 365 per Forsyte recommendation, there should be no impact to this change. Otherwise, Forsyte recommends making plans to migrate all legacy authentication to a supported protocol before January 31, 2026
