MC1200576 – M365 Change Digest

One-line summary

Starting January 12, 2026, Teams will enable weaponizable file and malicious URL protection, plus reporting, by default for tenants using default messaging safety settings.

Similar updates

Details

Summary

Starting January 12, 2026, Microsoft Teams will enable messaging safety features by default, including weaponizable file type protection, malicious URL protection, and reporting incorrect detections. Existing custom settings remain unchanged. Admins should review and adjust settings before this date and inform helpdesk staff accordingly.

Body (from Message Center)

[Introduction]

We’re improving messaging security in Microsoft Teams by enabling key safety protections by default. This update helps safeguard users from malicious content and provides options to report incorrect detections, reducing risk and improving collaboration security.

[When this will happen:]

Starting January 12, 2026, as announced in MC1148540, MC1148539, and MC1147984.

[How this affects your organization:]

Who is affected:

Tenants that have not previously modified messaging safety settings and are still using the default configuration.

What will happen:

The following settings in Teams admin center Messaging Settings will be turned ON by default:
- Weaponizable file type protection
- Malicious URL protection
- Report incorrect security detections
End users may:
- See warning labels on messages containing malicious URLs.
- Have the option to report false positives.
- Experience blocked messages if they contain weaponizable file types.
If you have already customized and saved these settings, your preferences will remain unchanged.

[What you can do to prepare:]

Review current values for these settings in Teams admin center > Messaging > Messaging settings > Messaging safety.
If you do not want the new defaults to apply, adjust settings and click Save before January 12, 2026.
Communicate this change to helpdesk staff and update internal documentation if necessary.

Learn more

[Compliance considerations:]

No compliance considerations identified, review as appropriate for your organization.

Raw JSON (for debugging)

Expand/collapse the full payload below.

Show/hide raw

{
  "snapshot_item": {
    "action_required_by": null,
    "ai_action_required_by": "2026-01-12T00:00:00Z",
    "ai_actions": [
      "Review Teams messaging safety settings",
      "Adjust and save settings if custom defaults are desired",
      "Inform helpdesk and update documentation"
    ],
    "ai_master_tags": [
      "Security"
    ],
    "ai_model": "gpt-4.1",
    "ai_summary": "Starting January 12, 2026, Teams will enable weaponizable file and malicious URL protection, plus reporting, by default for tenants using default messaging safety settings.",
    "ai_topics": [
      "Teams"
    ],
    "category": "planForChange",
    "details_map": {
      "Summary": "Starting January 12, 2026, Microsoft Teams will enable messaging safety features by default, including weaponizable file type protection, malicious URL protection, and reporting incorrect detections. Existing custom settings remain unchanged. Admins should review and adjust settings before this date and inform helpdesk staff accordingly."
    },
    "id": "MC1200576",
    "importance": 4,
    "is_major_change": false,
    "last_modified": "2025-12-19T23:41:17Z",
    "ms_products": [
      "Teams"
    ],
    "platforms": null,
    "roadmap_ids": [],
    "services": [
      "Microsoft Teams"
    ],
    "severity": "normal",
    "tags": [
      "Feature update",
      "Admin impact"
    ],
    "title": "Teams admin center: Messaging safety defaults changing to \"On\" by default"
  }
}