You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: defender-office-365/defender-for-office-365-whats-new.md
+5-1Lines changed: 5 additions & 1 deletion
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -8,7 +8,7 @@ ms.author: chrisda
8
8
author: chrisda
9
9
manager: deniseb
10
10
ms.localizationpriority: medium
11
-
ms.date: 7/1/2025
11
+
ms.date: 7/25/2025
12
12
audience: ITPro
13
13
ms.collection:
14
14
- m365-security
@@ -39,6 +39,10 @@ For more information on what's new with other Microsoft Defender security produc
39
39
-[What's new in Microsoft Defender for Identity](/defender-for-identity/whats-new)
40
40
-[What's new in Microsoft Defender for Cloud Apps](/cloud-app-security/release-notes)
41
41
42
+
## July 2025
43
+
44
+
- Users can report external and intra-org [Microsoft Teams messages](submissions-teams.md) from chats, standard and private channels, meeting conversations to Microsoft, the specified reporting mailbox, or both via [user reported settings](submissions-user-reported-messages-custom-mailbox.md).
45
+
42
46
## June 2025
43
47
44
48
- Defender for Office 365 is now able to detect and classify mail bombing attacks. Mail bombing is a distributed denial of service (DDoS) attack that typically subscribes recipients to a large number of legitimate newsletters and services. The resulting volume of incoming email within minutes intends to overwhelm the recipient's mailbox and email security systems, and acts as a precursor to malware, ransomware, or data exfiltration.
Copy file name to clipboardExpand all lines: defender-office-365/mdo-support-teams-about.md
+2-2Lines changed: 2 additions & 2 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -16,7 +16,7 @@ ms.collection:
16
16
- tier1
17
17
description: Admins can learn about Microsoft Teams features in Microsoft Defender for Office 365 Plan 2.
18
18
ms.service: defender-office-365
19
-
ms.date: 04/03/2025
19
+
ms.date: 07/24/2025
20
20
appliesto:
21
21
- ✅ <a href="https://learn.microsoft.com/defender-office-365/mdo-about#defender-for-office-365-plan-1-vs-plan-2-cheat-sheet" target="_blank">Microsoft Defender for Office 365 Plan 2</a>
22
22
---
@@ -34,7 +34,7 @@ With the increased use of collaboration tools like Microsoft Teams, the possibil
34
34
35
35
In Microsoft 365 E5 and Defender for Office 365 Plan 2, we've extended Teams protection with a set of capabilities that are designed to disrupt the attack chain:
36
36
37
-
-**Report suspicious Teams messages**: Users can report malicious Teams messages. Depending on the reported message settings in the organization, the reported messages go to the specified reporting mailbox, to Microsoft, or both. For more information, see [User reported settings in Teams](submissions-teams.md) and [MC 1037768](https://admin.cloud.microsoft/?ref=MessageCenter/:/messages/MC1037768).
37
+
-**Report suspicious Teams messages**: Users can report malicious Teams messages. Depending on the reported message settings in the organization, the reported messages go to the specified reporting mailbox, to Microsoft, or both. For more information, see [User reported settings in Teams](submissions-teams.md).
38
38
39
39
-**Zero-hour auto protection (ZAP) for Teams**: ZAP is an existing email protection feature that detects and neutralizes spam, phishing, and malware messages after delivery by moving the messages to the Junk Email folder or quarantine.
In organizations with Microsoft Defender for Office 365 Plan 2 or Microsoft Defender XDR, admins can decide whether users can report malicious messages in Microsoft Teams. Admins can also get visibility into the Teams messages that users are reporting.
30
30
31
-
Users can report messages in Teams from chats, standard channels, and meeting conversations. Users can only report messages as malicious.
31
+
Users can report messages in Teams from chats, standard and private channels, and meeting conversations. Users can only report messages as malicious.
32
32
33
33
> [!NOTE]
34
34
> User reporting of messages in Teams is not supported in U.S. Government organizations (Microsoft 365 GCC, GCC High, and DoD).
@@ -50,7 +50,7 @@ To view or configure this setting, you need to be a member of the **Global Admin
50
50
> [!IMPORTANT]
51
51
> Microsoft recommends that you use roles with the fewest permissions. Using lower permissioned accounts helps improve security for your organization. Global Administrator is a highly privileged role that should be limited to emergency scenarios when you can't use an existing role.
52
52
53
-
1. In the Teams admin center at <https://admin.teams.microsoft.com>, go to **Messaging policies**. Or, to go directly to the **Messaging policies** page, use <https://admin.teams.microsoft.com/policies/messaging>.
53
+
1. In the Teams admin center at <https://admin.teams.microsoft.com>, go to **Settings & policies** and than **Messaging**. Or, to go directly to the **Messaging policies** page, use <https://admin.teams.microsoft.com/one-policy/settings/messaging>.
54
54
55
55
2. On the **Messaging policies** page, verify that the **Manage policies** tab is selected, and do either of the following actions to edit the appropriate policy (the **Global (Org-wide) default** policy or a custom policy):
56
56
- Select the link in the **Name** column.
@@ -82,7 +82,7 @@ For more information about user reported message settings in the Defender portal
82
82
83
83
## How users report messages in Teams
84
84
85
-
1. In the Microsoft Teams client, hover over the malicious message without selecting it, and then select **... More options**\>**More actions**\>**Report this message**.
85
+
1. In the Microsoft Teams client, hover over the malicious message without selecting it, and then select **... More options**\>**Report this message**.
86
86
87
87
:::image type="content" source="media/submissions-user-report-message-in-teams-client-click-path.png" alt-text="Screenshot of the Select path to report a message in the Microsoft Teams client." lightbox="media/submissions-user-report-message-in-teams-client-click-path.png":::
88
88
@@ -99,8 +99,7 @@ For more information about user reported message settings in the Defender portal
99
99
> - The reported message remains visible to the user in the Teams client.
100
100
> - Users can report the same message multiple times.
101
101
> - The message sender isn't notified that messages were reported.
102
-
> - Microsoft also sends an email message notification to the user who reported the message from `[email protected]` with the subject, "You have successfully reported a Teams message as a security risk." If Teams integration is turned on in the Defender portal, admins can customize some elements of the notification message in the **Email notifications** section on **User reported settings** page as described in [Customize the messages used to notify users](submissions-admin-review-user-reported-messages.md#customize-the-messages-used-to-notify-users).
103
-
102
+
104
103
## What happens after a user reports a message from Teams?
105
104
106
105
What happens to a user reported Teams message depends on the settings in the **Reported message destinations** section on the **User reported settings** page at <https://security.microsoft.com/securitysettings/userSubmission>:
0 commit comments