What’s New in the Hybrid Data Center & Microsoft | January 2026

Microsoft 365 Copilot continues expanding across meetings, content creation, search, and agents, with growing emphasis on governance, licensing clarity, and model transparency.

• Realtime Voice Chat Availability: Realtime voice chat is now available, enabling hands-free, natural interaction with Copilot. The control appears as the second icon in the bottom-right corner, visually represented by a volume icon.
• Meeting Preparation Button in Microsoft 365 Copilot: Microsoft 365 Copilot users will see a new “Prepare” button replacing “Join” on the Up Next card up to five minutes before meetings, providing quick access to meeting preparation tools.
• Intelligent Meeting Recaps in Teams: Microsoft 365 Copilot in Teams will include intelligent meeting recaps that integrate shared-screen content for richer summaries. The feature requires a Microsoft 365 Copilot license and begins rolling out in February.
• Nonblocking Update Experience in Copilot for Windows: The Microsoft 365 Copilot app for Windows will display a nonblocking “Update” button in the top-right corner when a new version is available. Users can update immediately or defer without interrupting active use.
• Copilot Enhancements in PowerPoint: Microsoft 365 Copilot in PowerPoint will enable users to generate titles, summaries, and captions using natural language based on slide context. Users can also adjust presentation length, tone, and style, and add AI-generated images. The feature requires a Copilot license and is expected by mid-February.
• Copilot Notebooks Feature Expansion: New features include improved navigation, personalized suggestions, an overview page, and expanded AI references. Microsoft 365 Copilot introduces Video Overviews in Copilot Notebooks, allowing licensed users to generate short, narrated video summaries of notebook content.
• Copilot Chat History in Microsoft Search: Microsoft 365 Copilot will integrate historical Copilot chats into Microsoft Search through a new “Copilot Chats” data source. Users will be able to retrieve past interactions from notebooks, agents, and the main Copilot chat experience.
• Anthropic Model Enablement and Data Governance: Anthropic models will be enabled by default in many Microsoft 365 Copilot experiences under Microsoft’s Product Terms and Data Protection Addendum. Admins can toggle this setting. By default, the setting remains off in EU/EFTA, UK, and government clouds. Anthropic is now designated as a Microsoft sub-processor, ensuring contractual and data protection compliance.
• Natural Language Email Triage in Outlook: Microsoft 365 Copilot will enable natural language commands for email triage, including pinning, flagging, archiving, marking messages read or unread, and completing tasks in Outlook. This capability rolls out by mid-December for licensed users.
• Image Model Upgrade: Microsoft 365 Copilot will replace GPT-4o with OpenAI’s GPT Image 1.5, improving image generation quality and capability.
• Researcher Agent Customization: Microsoft 365 Copilot’s Researcher Agent now allows users to customize report length and export formats, including export to Word.
• SharePoint List Agent Introduction: Microsoft 365 Copilot introduces a SharePoint list agent that enables creation of SharePoint lists using natural language and structured content. The feature is rolling out, enabled by default at general availability, with admin controls available.
• Declarative Agent Model Upgrade: Microsoft 365 Copilot declarative agents will upgrade to the GPT-5.1 model with an auto architecture. The upgrade enables advanced reasoning for complex queries, requires no admin changes, and is enabled by default.
• New Copilot Connectors GA: Nine new Microsoft 365 Copilot connectors are now generally available, enabling integration with GitHub, Dropbox, Google Drive, Zendesk, and Amazon S3. These connectors allow users to search, retrieve, and interact with external enterprise data across Microsoft 365 apps. Admins manage connector availability through the Microsoft 365 admin center.

Copilot Chat continues expanding functionality for non-licensed users while adding clearer usage tracking and contextual input support.

• New Tools Button in Copilot Chat: Microsoft Copilot Chat will introduce a new Tools button that provides easy access to task-specific AI capabilities based on the user’s assigned licenses.
• File and Email Inclusion in Prompts: Microsoft 365 Copilot Chat now allows users to include files and emails in prompts by typing / in the web chat prompt box, improving response relevance. Email access is limited to Outlook.
• One-Click Email Thread Summaries in Outlook: Microsoft Outlook will roll out a Copilot Chat feature that summarizes email threads with a single click. This feature is available to users who have Copilot Chat pinned, even if they do not have a Microsoft 365 Copilot license.
• Message Consumption Usage Report (Pay-As-You-Go): A new message consumption usage report for Microsoft 365 Copilot Chat pay-as-you-go billing rolls out in March. The report shows message usage by tenant, user, agent, and billing policy, and generates alerts when users exceed 2,000 billed messages.

Copilot Studio continues expanding agent reasoning, configuration efficiency, and enterprise knowledge grounding while introducing clearer guidance on test versus production usage.

• GPT 5.2 Experimental Models (Early Release): The GPT 5.2 series is rolling out as experimental models for U.S. customers in early release environments. These models improve performance across coding and multilingual use cases and replace the GPT-5.1 series, including agents created using GPT-5.1 models. Because the models are experimental, they are best suited for testing scenarios rather than production workloads.
• Human-in-the-Loop Review via Outlook Forms: Agents can send structured requests delivered as Outlook forms to designated reviewers. After a reviewer submits a response, the agent resumes execution and uses the submitted values as parameters, enabling real-time human judgment without disrupting workflows.
• Curated Action Groups (Preview): Makers can streamline agent configuration by adding curated Action Groups from Outlook and SharePoint connectors. Instead of configuring individual actions, teams can add complete capability sets such as “manage emails” or “manage files” with a single selection, accelerating common communication and content workflows.
• Upgraded Tenant Graph Grounding for SharePoint: Microsoft has shipped an upgraded tenant graph grounding architecture that improves how agents retrieve and rank information when SharePoint is used as a knowledge source. This enhancement delivers more precise, context-aware responses, particularly in content-heavy environments.
• Employee Self-Service Agent (GA): Now generally available, the Employee Self-Service Agent provides a centralized AI-powered experience for common employee support scenarios, including HR and IT needs such as checking leave balances, reviewing benefits, and submitting IT tickets.
• Document, Chart, and Code Generation Skillset: Agents built inside Microsoft 365 Copilot can now generate high-quality Word documents, Excel worksheets, and PowerPoint presentations using the “Generate documents, charts, and code” skillset.
• OneNote as a Knowledge Source: Makers can now add OneNote pages as knowledge sources in Agent Builder, expanding content coverage for agent responses.

Microsoft continues converging security operations across Defender and Sentinel with deeper AI-driven detection, tighter identity controls, and upcoming platform retirements that require admin action.

• Dynamic Threat Detection Agent (Public Preview): Microsoft is expanding the Security Copilot experience inside Defender XDR with a new Dynamic Threat Detection Agent in public preview. The agent runs in the Defender backend and continuously investigates across Defender XDR and Microsoft Sentinel telemetry to uncover activity that traditional rule-based detections can miss. It generates Copilot-sourced alerts with natural-language explanations, mapped MITRE techniques, and tailored remediation steps. Governance, consumption reporting, and the ability to disable the agent are critical as it transitions to an SCU-based pricing model at general availability later in 2026.
• Teams External Domain Blocking via Defender Portal: Admins can now block external users in Microsoft Teams using the Tenant Allow/Block List in the Microsoft Defender portal. The feature supports blocking up to 4,000 domains, is available with Defender Plan 1 or Defender Plan 2, blocks communications from specified domains, and supports audit logging.
• Defender for Identity v2.x IP Address Changes: Microsoft Defender for Identity v2.x sensors will begin using new IP addresses from the AzureAdvancedThreatProtection service tag range. Organizations that restrict outbound IP traffic must update firewall rules to allow this range to prevent sensor connectivity loss.
• Defender for Identity Unified Sensors (v3.x) Automatic Auditing (Opt-In): Unified sensors version 3.x introduce an optional feature for automatic Windows event auditing configuration. When enabled, required auditing settings are automatically applied to new sensors and corrected on misconfigured existing sensors. Admins must explicitly enable this feature via the UI or Microsoft Graph API.
• Microsoft Defender Threat Intelligence (MDTI) Platform Merge: Microsoft Defender Threat Intelligence is merging with Microsoft Defender and Microsoft Sentinel, delivering integrated threat insights and enhanced analytics. After the transition, MDTI requires an active Microsoft Defender or Microsoft Sentinel license.
• Defender for Cloud Apps SIEM Agent Retirement: Defender for Cloud Apps will retire SIEM agents, with no new agents configurable after June 19. Organizations must transition to unified APIs and supported SIEM solutions to maintain alerting and activity data ingestion.
• Microsoft Sentinel Classic Experience Retirement: The classic Microsoft Sentinel experience in the Azure portal will be retired on July 1, 2026. Organizations must take action to migrate to the modern experience to ensure operational continuity.

Defender for Cloud strengthens secure communications and cloud posture management.

• Microsoft Security Private Link Preview: Enables private connectivity between Defender for Cloud and protected workloads, initially focused on container workloads.
• Expanded AWS and Multi-Cloud Visibility: Adds AWS CloudTrail management event ingestion and broader posture management coverage, including serverless resources.

Microsoft Entra continues strengthening identity trust foundations while expanding cross-tenant governance and modernizing access approval workflows.

• DigiCert Root Certificate Transition (G1 to G2): Microsoft Entra has switched from DigiCert Global Root G1 to DigiCert Global Root G2 certificates. Organizations must trust the DigiCert G2 root CA to avoid authentication failures with Entra services. Any certificate pinning to G1 must be removed and trust settings updated to prevent service disruption.
• Cross-Tenant Security Group Synchronization (GA Late April): Microsoft Entra introduces cross-tenant security group synchronization, enabling centralized group management and shared access across tenants. General availability is expected in late April. Admins must explicitly opt in to enable this capability.
• SCIM 2.0 Connector for SAP Cloud Identity Services (GA): A new SCIM 2.0 connector for SAP Cloud Identity Services is now generally available. The connector improves provisioning reliability and supports modern authentication, enhancing identity lifecycle management for SAP-integrated environments.
• Dynamic Approval Logic in Entitlement Management: Entra introduces dynamic approval logic for entitlement management, allowing organizations to determine approvers using external business logic instead of static assignments. This enables more flexible, context-aware access approval workflows aligned to business processes.

Exchange Online continues modernizing admin tools and access controls.

• New Message Trace GA: Replaces legacy cmdlets and UI. Legacy tools are supported in parallel until full deprecation on March 18.
• EWS Licensing Enforcement: EWS access is blocked for mailboxes licensed only with Exchange Online Kiosk, Microsoft 365/Office 365 F1, or F3. A license with EWS rights (Exchange Online Plan 1/2 or M365 E3/E5) is required.
• Exchange ActiveSync Version Enforcement: Devices using EAS versions below 16.1 will be blocked. Outlook Mobile is unaffected. Admins can identify affected devices via PowerShell.

Fabric improves production readiness and on-prem integration.

• Spark Job Definition Activity Enhancements: Fabric Data Factory pipelines now support connection property for more secure SJD execution.
• Manual On-Premises Data Gateway Updates Preview: Enables admins to manually initiate gateway updates.
• Power BI Desktop Compatibility Update: On-premises data gateway compatibility aligns with the December 2025 Power BI Desktop release.

Microsoft Intune continues expanding advanced endpoint capabilities, automation, and analytics while refining device provisioning behavior across Windows environments.

• Intune Suite Capabilities Coming to Microsoft 365 E3/E5: Microsoft has announced that capabilities from the Intune Suite will be included with Microsoft 365 E3 and E5 licenses, broadening access to advanced endpoint management and analytics. Additional details on specific features and rollout timing are expected in 2026.
• Intelligent Agent Expansion in Intune: Microsoft Intune continues expanding its use of intelligent agents to reduce administrative overhead and improve decision quality. New agent-driven capabilities help administrators review configuration changes, assess script risk prior to approval, and identify stale or misaligned devices across Intune and Microsoft Entra.
• Mobile Threat Defense and Windows Provisioning Updates: Intune has added support for additional mobile threat defense partners and continues refining Windows device provisioning behavior. Notably, changes to how Windows quality updates are applied during initial setup begin rolling out in early 2026, which may impact Autopilot and enrollment workflows for Microsoft Entra–joined and hybrid-joined devices.

OneDrive enhancements focus on AI-powered file interaction, improved discoverability, and smarter mobile content capture.

• AI Agents in OneDrive: Agents allow users to group files for AI-powered project assistance, enabling questions, summaries, and collaboration. Agents are stored as .agent files in OneDrive, are editable and shareable, and are governed by admin controls.
• Built-In OCR for Mobile Apps: OneDrive mobile apps will gain built-in OCR to make scanned PDFs searchable and editable. The rollout begins worldwide in early February, is enabled by default, and requires no admin action.

Outlook continues evolving toward stronger data protection controls, richer identity context, and a more consistent scheduling experience across clients.

• Inline Calendar Appointment Creation: In new Outlook for Windows and Outlook on the web, single-clicking an empty calendar slot now enables inline appointment creation instead of opening a quick compose popup, aligning behavior with classic Outlook.
• Custom Profile Card Properties: Microsoft will roll out new customizable profile card properties across Microsoft 365, allowing admins to surface Role, Division, Employee ID, Number, and Cost Center. These values can be sourced from Microsoft Entra ID or external HR systems via Microsoft Graph connectors.
• Wait on Send for Data Loss Prevention: New Outlook for Windows will support Wait on Send for DLP, blocking email delivery until policy evaluation completes or a timeout occurs.
• Customizable Oversharing Dialog for DLP: New Outlook for Windows introduces a configurable oversharing dialog that supports multi-language messaging, business justifications, and dynamic tokens. The feature rolls out globally from January, is off by default, and is configurable through the Microsoft Purview Compliance portal.

Planner continues to evolve into an execution layer for Copilot-driven collaboration and task management.

• Facilitator and Channel Agents Task Capture: The Facilitator and Channel Agents can capture meeting intent into tasks, generate status reports, and create workback plans. All generated tasks and updates sync directly to Planner, improving traceability and follow-through without manual task entry.

Power BI continues shifting toward Copilot-driven insights while removing legacy query experiences.

• Power BI Q&A Retirement Timeline: Power BI Q&A will be deprecated in December 2026. Organizations should transition users to Power BI Copilot, which provides a more advanced, integrated natural-language analytics experience.
• Direct Lake and DirectQuery Drill-Through Support: The limitation preventing drill-through via Excel’s “Show Details” feature when using Analyze in Excel on Direct Lake and DirectQuery semantic models has been removed, improving analyst workflows and self-service reporting.

The Power Platform Admin Center continues expanding governance, visibility, and planning capabilities to support scaled app and agent deployments.

• Power Platform Monitor Enhancements (Public Preview): Two new features are available in Power Platform Monitor, including a Copilot Studio product list page that surfaces operational health metrics for conversational and autonomous agents, and Agent Alerts that allow admins to configure alert rules and proactively detect agent health issues.
• Environment Settings App Becomes Default Experience: The Power Platform Environment Settings app will become the default interface for managing all environment settings, replacing the legacy Advanced Settings experience. Admins should update operational documentation and workflows accordingly.
• Dataverse Security Role Visibility: Admins can now view Microsoft Dataverse security role details directly in the Power Platform admin center, including role descriptions, which apps each role applies to, and the associated core table privileges.
• External Identity Provider Controls for Power Pages: New controls allow admins to select which external identity providers can be used on Power Pages sites. The feature supports environment-level governance with optional site-level exceptions.
• Process Maps General Availability: Process Maps are now generally available, enabling makers to visualize workflows directly within plans. This helps teams align steps, roles, and decision points before building or refining applications.
• Flexible Dataverse Capacity Plans: New flexible Dataverse capacity plans are available for apps and agents, with increased baseline capacity across Dynamics 365 and Power Platform workloads.
• Solution Plans from Existing Solutions: Makers and admins can now create Solution Plans directly from existing solutions, providing a structured view of current functionality and future opportunities. This simplifies solution documentation and improves knowledge transfer to future engineers.

Microsoft Purview continues expanding compliance automation, data minimization, and investigation capabilities across Microsoft 365.

• Retention Based on “Last Accessed” (Preview): Microsoft Purview will enable retention policies based on “last accessed” for OneDrive and SharePoint files, with preview starting in late May. This feature helps remove obsolete data, reduce storage sprawl, and improve Microsoft 365 Copilot response quality. No admin action is required before rollout.
• Classifier Simulation Mode: Purview introduces Classifier Simulation Mode, allowing admins to test custom classifiers on production data before publishing. The feature provides health insights in the compliance portal, helping reduce false positives and improve classifier performance. Access is governed by RBAC.
• Retention Hold Removal Cmdlet Enhancements: New opt-in cmdlet parameters enable targeted removal of retention holds from inactive mailboxes:
  • ExcludeFromAllHolds removes most holds except eDiscovery and litigation holds.
  • RemoveComplianceTagHold removes only Compliance Tag holds.
    These parameters enable permanent deletion while respecting compliance requirements.
• Data Security Investigations – Purge Mitigation: Purview Data Security Investigations will add a new purge mitigation action that allows admins to delete sensitive or overshared content during investigations.
• Purview Role Mapping to Microsoft Entra: Certain Purview admin roles will map automatically to new Microsoft Entra roles to improve security and permission synchronization. High-privileged Purview roles will correspond to three Entra roles. No customer action is required, and these roles should not be assigned directly in Entra.
• Sensitivity Labels with User-Defined Permissions (Office for the Web): Microsoft 365 Office for the web will support applying sensitivity labels with user-defined permissions in Word, Excel, and PowerPoint, aligning behavior with desktop applications.
• Legacy Records Features Retirement: SharePoint Online will retire legacy features including Information Management Policies and In-Place Records Management in April. Organizations must migrate to Microsoft Purview Data Lifecycle Management and Purview Records Management to avoid loss of functionality.

SharePoint Online continues tightening authentication, enforcing modern security controls, and expanding centralized governance to reduce risk across content and customizations.

• Legacy SharePoint Online CDN Domain Retirement: The legacy CDN domain publiccdn.sharepointonline.com will be retired by late April. All hardcoded references must be updated to public-cdn.sharepointonline.com to avoid 404 errors and broken asset delivery.
• IDCRL Authentication Protocol Retirement: Microsoft is retiring the legacy IDCRL authentication protocol in SharePoint Online and OneDrive for Business, enforcing modern OpenID Connect and OAuth authentication. Legacy auth will be blocked by default, with temporary re-enablement available via PowerShell before permanent retirement.
• Content Security Policy (CSP) Enforcement: SharePoint Online will enforce Content Security Policy (CSP), blocking scripts from non-trusted sources in custom SPFx solutions. Inline scripts must be moved to external files, and all scripts must originate from trusted sources. CSP enforcement can be postponed for 90 days via PowerShell.
• Catalog Management (SharePoint Advanced Management): Catalog Management introduces centralized, intelligent site clustering to streamline governance and apply lifecycle, access, and storage policies at scale without affecting end users.
• Permissions Reporting in SharePoint Admin Center: A new Permissions report under Data access governance shows which sites a user can access, including direct and group-based permissions.
• Copilot Button in File Previewer: A Copilot button will appear in the bottom-right corner of the OneDrive and SharePoint file previewer, replacing the command bar button. The feature provides contextual Copilot chat and prompts for paid Copilot license users. Rollout begins mid-November and excludes GCC, GCCH, and DoD tenants.
• Site Attestation Policy General Availability: Site attestation policy is now generally available, enabling SharePoint admins to require site owners to periodically verify site ownership, membership, and sharing settings. The feature is off by default and requires explicit admin configuration.

Teams chat and channel updates focus on stronger governance, safer collaboration defaults, and improved usability across everyday messaging scenarios.

• Apps Support in Private Channels: Apps including bots, tabs, and message extensions are now supported in private channels. Admins and developers must update Teams app policies and app configurations to ensure compatibility with private channel governance controls.
• Collaborative Notes in Group Chats: A new Notes tab enables real-time co-creation of notes, agendas, and action items directly within group chats. The feature is enabled by default and can be managed through the Teams Admin Center or PowerShell.
• Designer Bot and Designer Banner Retirement: Designer bot and Designer banners in Teams are retired. Users can no longer access these features and should use Copilot in Teams for image generation instead. Organizations should update internal documentation and user guidance.
• Files Tab Renamed to “Shared”: The Files tab in channels is now renamed “Shared,” combining shared post content and document library files into a unified experience. Views include posts and library modes with ordering and filtering. No admin action is required, but user communication is recommended.
• Messaging Safety Features Enabled by Default: Weaponizable file type protection, malicious URL protection, and reporting incorrect detections are now enabled by default to reduce phishing and malware risk in Teams messaging.
• Trust Indicators for External Users: Visual badges identify external, guest, and anonymous users in chats and channels to help reduce oversharing and improve user awareness.
• Tenant-Owned Domain Impersonation Protection: Teams now analyzes identity and domain authenticity when an external user first contacts someone in your tenant, helping detect spoofing and phishing attempts that mimic your organization’s domain.
• Private Channel Limits Increase: Private channels now support up to 1,000 channels per team and 5,000 members per channel. Compliance policies for private channels shift from user mailboxes to Microsoft 365 group mailboxes, requiring admin review and policy updates.

Teams Meetings updates focus on improving call quality feedback, real-time collaboration during meetings, and administrative troubleshooting and control.

• Rate My Call Survey Redesign: The Rate My Call survey will move to a single-screen thumbs up / thumbs down experience with problem tokens and comments. As a result, metrics in the Call Quality Dashboard may show an increase in reported poor calls due to higher user participation rather than an actual decline in service quality.
• Collaborative Annotation Requests During Screen Sharing: Meeting participants can request collaborative annotation sessions during screen sharing on Windows and Mac desktops. Presenters can accept or deny requests. Anonymous users cannot request annotation.
• Interpreter and Multilingual Experience Enhancements: The interpreter experience is enhanced with automatic spoken language detection, a “Preparing” status indicator for interpreters, and clearer configuration explanations. These updates are available to Microsoft 365 Copilot users across multiple platforms.
• Private Organizer Chat for Structured Meetings: Teams will introduce a private chat for organizers, co-organizers, and presenters in structured meetings, webinars, and town halls, unifying backroom chat behavior across town halls. Rollout begins in March and will affect meeting policies, requiring admin review and user communication.
• Recording and Transcription Controls for Teams Rooms on Android: Recording and transcription controls are available in Teams Rooms on Android for users with Teams Rooms Pro licensing. Permissions are required for organizer and room accounts, with limitations based on call types and tenant scenarios.
• Meeting Troubleshooting Enhancements in Teams Admin Center: The Teams admin center adds enhanced meeting troubleshooting, including automatic issue identification, detailed participant data, smarter search, and Microsoft 365 Copilot integration, enabling admins to diagnose and resolve meeting and call issues more efficiently.
• Adaptive Front of Room Experience for Town Halls: Teams Rooms on Android will introduce an Adaptive Front of Room Experience for Town Halls. The feature requires a Teams Room Pro license and provides distraction-free attendee views with full presenter control.

Teams Phone updates address device configuration behavior and clarify admin rollout guidance.

• Line Keys Rollout Paused: Microsoft has paused the rollout that enables IT admins to configure line keys on Teams-certified phones for speed dials, call queues, and shared lines. Admins should continue configuring line keys directly on devices until further notice.

Teams Premium continues expanding high-fidelity meeting and event capabilities for organizations running large or production-grade sessions.

• 1080p Video for Town Halls: Teams Premium supports 1080p video resolution for town halls. Admins must enable the feature via policy, ensure sufficient network capacity, and use Ultra-Low Latency mode together with Microsoft Enterprise Content Delivery Network (eCDN) for optimal performance.

Windows updates introduce major deployment lifecycle changes, tighter platform security controls, and remediation guidance for recent enterprise update issues.

• Microsoft Deployment Toolkit (MDT) Immediate Retirement: Microsoft is announcing the immediate retirement of Microsoft Deployment Toolkit (MDT). MDT will no longer receive updates, fixes, or support. Organizations should begin planning a transition from MDT to Windows Autopilot or Configuration Manager Operating System Deployment (OSD).
• AllowOOBEUpdatesCSP Policy Availability: The AllowOOBEUpdatesCSP policy is available but disabled by default and appears as a new setting on the Windows Autopilot Enrollment Status Page (ESP). When enabled, it allows installation of the latest Windows quality updates during the out-of-box experience (OOBE). Devices must be Microsoft Entra–joined or Microsoft Entra hybrid–joined and running Windows 11, version 22H2 or later.
• Microsoft 365 Apps Version Requirement: Microsoft 365 Office apps must be updated to a version higher than 16.0.18827.20202 to maintain Read Aloud, Transcription, and Dictation functionality. These features will stop working on earlier versions due to backend service upgrades.
• Common Log File System (CLFS) Authentication Hardening: Microsoft published guidance on upcoming CLFS authentication hardening. For Windows 11, version 25H2, and Windows Server 2025 updates released on or after October 28, 2025, the CLFS driver adds an integrity check using an HMAC on CLFS log files.
• Out-of-Band Message Queuing (MSMQ) Update: Microsoft released an out-of-band update to address MSMQ issues observed in some enterprise environments after installing the December 2025 Windows security update. The fix is available in the Microsoft Update Catalog with version-specific KBs for affected releases.