What’s New in the Hybrid Data Center & Microsoft | February 2026

• Outlook Reasoning Expansion: Copilot Chat now reasons across inbox, calendar, and enterprise data, increasing exposure to sensitive information. Organizations should validate Purview and DLP alignment.
• Agent Mode in Office Apps: Agent Mode is arriving in Word, Excel, and PowerPoint using web data and files, with app-specific agents leveraging Anthropic Claude. Review grounding sources and plugin governance.
• PowerPoint Agent Mode: Conversational editing that preserves formatting is rolling out now through mid-March for licensed users.
• Tools Menu in Copilot Chat: A new Tools entry point will surface task-based AI capabilities based on user entitlements. Expect additional discovery and governance considerations.
• Viva Copilot Analytics Agent Dashboard: Rolling out through March, the dashboard provides adoption, retention, and credit usage metrics for tenants with 50+ licenses.
• Automatic Rescheduling: Copilot will reschedule flexible 1:1 meetings and personal events through the end of February 2026 according to preferences, which may influence calendar governance expectations.
• Disable Copilot in Meetings: Users will soon be able to turn off Copilot, disabling recording, transcription, and Facilitator access simultaneously. Policies should clarify acceptable usage scenarios.
• Default No-Transcription Mode: Starting late March, new meetings default to a mode without transcription, though in-meeting history persists. Transcription must be enabled for post-meeting queries.
• Copilot Readiness Packages: By mid-March 2026, the admin center will provide recommended configurations and assessments for secure deployments.
• Natural Language Inbox Rules: Rolling out now through early March, users can create and view rules via prompts, requiring monitoring for unintended automation.
• PAYG Retrieval API: Pay-as-you-go access enables tenant-level retrieval for users without Copilot licenses under admin control, expanding potential consumption scenarios.
• Teams Channels in Context IQ: By mid-February, prompts can include relevant channels the user has access to, reinforcing permission hygiene importance.
• Custom AI Meeting Summaries: Meeting Recap will support template-driven outputs for Copilot users.
• Interactive Podcasts: Real-time voice interaction arrives by mid-March, enabling conversational follow-ups and new accessibility models.
• Finder Integration on macOS: Users will be able to query OneDrive file contents from Finder context menus.
• Outlook Mail Actions: Copilot now supports pin, flag, archive, and read-state commands through natural language.

📌 Driving adoption in 2026 is all about impactful agentic work. Learn more about the six pillars that will drive AI adoption in 2026 beyond assisting users with individual tasks.

• Improved History and Recall: Users will find prior outputs more reliably, improving reuse and institutional knowledge, though grounding remains limited compared with licensed Copilot experiences.
• Adoption Metrics Availability: Reporting becomes visible globally by late February 2026 for tenants with at least one Copilot license, offering baseline insight even before broad rollouts.
• Edge Contextual Grounding: Beginning mid‑March 2026, Edge for Business can summarize tabs, Microsoft 365 documents, and YouTube content. The capability is off by default, respects DLP, and requires Entra ID authentication, so policy alignment remains central.

• Knowledge Source Filtering: Makers can explicitly define which repositories agents may use, improving relevance while reducing accidental over‑exposure of data.
• Draft with Copilot: Prompt builder assistance helps transform intent into structured, higher‑quality instructions, lowering the expertise barrier for builders.
• Adjustable Moderation Levels: Organizations can calibrate how aggressively prompts are filtered, supporting differentiated risk tolerances.
• Lite to Full Experience: Users can now copy agents from the Lite Copilot Studio into the full experience, gaining advanced authoring, publishing, and governance features 

• Attack Disruption Updates: Microsoft continues refining automated containment so lateral movement and persistence can be limited earlier in the incident lifecycle.
• AI Incident Prioritization: In preview, machine reasoning evaluates relationships across signals to highlight the events most likely to matter, helping teams move from volume management to outcome management.
• Built‑in Alert Tuning: Default suppression rules reduce noise immediately, minimizing the need for complex custom engineering on day one.
• Advanced Hunting Enhancements: Expanded BehaviorInfo and BehaviorEntities context accelerates investigations and correlation across users and assets.
• Large Query Handling: Instead of failing, oversized hunts now return partial results with transparency, making big‑data scenarios more predictable.
• Sentinel Portal Retirement: Microsoft reaffirmed the shift toward the Defender portal, with full transition targeted by March 2027. Consolidation planning should begin well in advance.
• Cross‑Tenant Rule Distribution: Preview functionality enables standardized baselines across multi‑tenant estates, a major efficiency gain for MSSPs and distributed enterprises.

• Sender and Domain Blocking: Expanded administrative controls allow faster response to abuse patterns directly from the Defender interface.
• Plan 1 Suspicious Message Reporting: Capabilities previously reserved for Plan 2 now broaden coverage and improve early detection opportunities.
• Plan 1 Auto Purge: Zero‑hour and post‑delivery remediation for Teams messages increase baseline protection across more tenants.

• AI Threat Protection Preview: New capabilities extend monitoring and defense to applications leveraging Microsoft Foundry Agent Service, reflecting Microsoft’s expectation of rapid agent growth.
• SQL Simulated Alerts GA: Security teams can test detection logic and response playbooks without generating real malicious activity, strengthening readiness programs.

• Object‑Level SOA Migration GA: Administrators can progressively shift authority from synchronized AD objects to native cloud control without user disruption, supporting phased modernization and reduced dependency on legacy infrastructure.
• Agent IDs Preview: Dedicated non‑human identities for automation improve auditability, least privilege alignment, and threat modeling maturity.

• RC4 Deprecation: Beginning in April, Kerberos will no longer fall back to RC4 encryption. Environments with legacy systems, outdated service account passwords, or older applications should remediate now using domain controller logging introduced in recent updates.
  • If you have older systems, legacy applications, or service accounts with very old passwords, authentication issues may surface once enforcement begins. Recent Windows updates have already added logging on domain controllers to flag RC4 usage, giving organizations a chance to identify and fix issues now. Use the time now, clean things up, or be prepared to troubleshoot authentication problems later.

• Reliability Investments: January engineering work continues to harden core services that underpin lakehouse, warehouse, and real-time analytics scenarios. Organizations should expect incremental performance gains and fewer edge-case failures as workloads consolidate into Fabric.
• Experience and Tooling Unification:
  • Microsoft is further aligning Power BI, Synapse, and Data Factory experiences under shared navigation, governance, and compute constructs.
  • While disruption remains low, administrators should anticipate gradual shifts in where features live, how permissions are inherited, and how cross-workload integrations are surfaced.

• PowerShell as Win32 Installer: Admins can now upload scripts that run in the installer context, enabling prerequisite validation, configuration logic, and post‑install steps while still reporting standardized return codes.
• Secure Boot Certificate Management: Deployment, monitoring, and reporting are integrated with Intune and Windows Autopatch, supporting proactive remediation ahead of expirations.
  • If you have certificate expirations approaching, incorporate these controls into your endpoint readiness plan
• MFA Enforcement for Admin Portals: Microsoft has begun enforcing multifactor authentication across Microsoft 365 administration surfaces, so verify readiness for privileged and emergency accounts.
• Quality Update Policies Near GA: These controls deliver granular approval and rollout logic, reducing reliance on legacy update frameworks.
• Stricter MAM Enforcement: Applications not properly wrapped or updated may fail to launch under policy, keeping endpoints aligned with security expectations.

• EWS and Authentication Tightening: Microsoft continues compressing timelines around legacy access patterns that frequently persist in mailbox automation, service integrations, and third-party products. Application owners should inventory where Exchange Web Services, basic auth remnants, or older tokens remain in use so remediation can be scheduled deliberately instead of under outage pressure.
• Transport Trust and TLS Validation: Updated guidance highlights the need to revalidate certificate chains anywhere mail is terminated, inspected, or relayed. Environments using gateways, secure mail appliances, or outbound relays should confirm DigiCert root updates are present in both operating system and device trust stores.
• SMTP AUTH Posture Reviews: Tenants still permitting authenticated SMTP for devices and legacy applications should confirm exception lists, modernization timelines, and ownership. As Microsoft tightens defaults, undocumented dependencies are the most common source of surprise disruption.
• Operational Readiness Expectation: Collectively, these changes reinforce Microsoft’s direction toward modern auth, explicit trust, and reduced legacy surface area. Messaging and identity teams should treat this as ongoing technical debt reduction rather than a one-time project.

• Agents in OneDrive GA: Agents are now generally available in OneDrive for the web for users with a Microsoft 365 Copilot license. An agent is saved as a persistent .agent file in OneDrive and is built from selected files or folders rather than a single document.
• Multi-Document Insights: Agents can answer questions across multiple documents, summarize key takeaways, and surface owners, deadlines, risks, and action items grounded in the content they are scoped to, while respecting existing OneDrive and SharePoint permissions.

• January Power BI Update: The January update delivers improvements across reporting, Copilot integration, and visualization. Modern visual tooltips are now generally available, improving report interactivity, while Azure Maps visuals gain enhanced marker support for richer geographic analysis.
• Copilot Expansion and Deprecations: Copilot access continues to expand across Power BI experiences. Microsoft also reaffirmed upcoming deprecations, including Power BI Q&A, signaling a long-term shift toward Copilot-driven analytics workflows.

• Adaptive Scope Management: New adaptive scope options simplify large-scale data governance through PowerShell, reducing administrative overhead when managing extensive datasets.
• Posture Capabilities Expansion: Purview posture-related features continue expanding in preview, strengthening Microsoft’s data security posture management strategy as organizations prepare data environments for AI and Copilot use.

• SharePoint at 25 Event: Microsoft announced a global digital “SharePoint at 25” event scheduled for March 2, 2026, which will include previews of new AI- and Copilot-powered capabilities and guidance on SharePoint’s role as a knowledge platform for Copilot and agents.
• SharePoint Premium Previews: Microsoft refreshed messaging encouraging participation in public previews for Microsoft 365 Backup, Microsoft 365 Archive, and SharePoint Embedded. These offerings should be evaluated in controlled pilots due to licensing, retention, and operational considerations.

• On-Prem CUs Released: Microsoft published January 2026 cumulative updates for SharePoint Server Subscription Edition and SharePoint Server 2019.
  • Staying current remains the baseline requirement for security fixes and platform stability in on-prem environments.

• Enter Key Behavior Customization: Users can configure whether the Enter key sends a message or inserts a new line via Settings > Chats and Channels, reducing accidental message sends.
• SharePoint Agents Discovery: Users can discover and add SharePoint agents directly within Teams chats on Desktop and Mac through the “Add Agents and Bots” option or Teams Store. Rollout begins March 2026 and requires no admin action for eligible users.
• Chat Ergonomics Improvements: Microsoft continues improving chat and channel usability, including message previews in notifications and autocorrect support to reduce friction in daily communication.

• Teams Rooms Enhancements: Updates focus on room and event experiences, including Interpreter agent support for Teams Rooms on Windows, multi-camera view switching, and improved utilization analytics in the Pro Management portal.
• Google Meet Interoperability: Two-way Direct Guest Join between Google Meet and Teams Rooms enables cross-platform meeting participation. Organizations should validate identity, compliance, and device expectations in pilot scenarios before broad rollout.

• Brand Impersonation Protection: A new calling security feature evaluates incoming VoIP calls from first-time external contacts for brand impersonation risk and warns users of suspicious calls. Rollout targets target-release tenants and is enabled by default.
• Line Key Administration and Events Preview: New admin configuration options for line keys are available through the Teams admin center, alongside a new Teams events experience in public preview.
• Queues Shared History: The Queues app shared history feature (public preview) provides shared visibility into calls and voicemails for call queues.

• External Collaboration Administrator Role: A new RBAC role arriving in early February 2026 allows scoped management of external collaboration settings via PowerShell without full Teams admin rights.
• Android Device Management Transition: Teams Android device management will move from the Teams admin center to the Teams Rooms Pro Management portal between April and September 2026.
• Frontline Worker Pilot Controls: The Teams admin center will support deployment and monitoring of frontline worker pilots, including workload configuration, QR-based access, and adoption tracking.
• Slack Migration Tool: A Slack-to-Teams migration tool rolls out from late January to early March 2026, enabling migration of Slack channel content into Teams channels with no opt-in required.
• Third-Party App Governance: Admins can manage Microsoft 365–certified third-party apps via org-wide, rule-based controls. Rollout is expected mid-March and is disabled by default.

• Custom Meeting Reactions: Teams Premium will allow replacement of standard reactions with custom branded visuals via admin policies.
  • Rollout completes by late March 2026.

• January Security Update Advisory: Microsoft issued a Windows Message Center “Take Action” notice for issues observed with the January 2026 security update and released an out-of-band fix on January 17, 2026.
• Autopilot Known Issue: Microsoft identified a Windows Autopilot issue affecting Entra hybrid joined devices, where quality update scans during OOBE may time out if the Allow OOBE Updates policy is enabled. Organizations using hybrid Autopilot should review ESP configurations and test provisioning flows.