What’s New in the Hybrid Data Center & Microsoft | March 2026

Microsoft continues to expand Copilot from a chat assistant into a more operational, agent-driven productivity layer with new model options, deeper app integration, and growing governance controls.

• Claude Cowork Capabilities in Copilot: Anthropic’s Claude Cowork capabilities are coming to Copilot, shifting chat from simple prompting toward more task-oriented, multi-threaded, multi-step execution. This signals deeper agentic workflows within the Copilot experience for enterprise productivity scenarios.
• Model Selection in Copilot Chat: Copilot Chat now allows users to select Claude models and the latest OpenAI GPT models. For organizations, this increases flexibility but also raises governance considerations around approved model use, output quality, and policy alignment.
• Edit in Word, Excel, and PowerPoint: Copilot’s Edit in Word, Excel, and PowerPoint experience now enables users to make changes directly inside the applications, while dedicated Word, Excel, and PowerPoint agents in Copilot Chat allow rich content creation from within the chat pane. This deepens in-app productivity and positions the app-based agent interface as a primary working surface.
• Agent 365 General Availability and Pricing: Agent 365, Microsoft’s centralized agent governance platform, is scheduled for general availability on May 1, 2026. Microsoft lists pricing at $15/user/month or as part of the new E7 bundle, though organizations using Power Platform governance should continue to evaluate how Agent 365 and Power Platform controls complement each other.
• Real-time Voice Chat: Real-time voice chat is now available in Microsoft 365 Copilot, enabling more natural, hands-free interaction. This may improve accessibility and workflow efficiency, especially in multitasking or mobile-heavy productivity scenarios.
• Open Cited Files Directly in Chat: Microsoft 365 Copilot will let users open cited Word, Excel, and PowerPoint files directly within Copilot Chat instead of opening them in a separate browser tab. This reduces context switching and supports faster review and action within the same workspace.
• Meeting Scheduling in Copilot Chat: Microsoft 365 Copilot now supports scheduling meetings directly from Copilot Chat, including finding times, booking rooms, drafting agendas, and sending invites. This expands Copilot’s role from content assistance to workflow execution.
• Public Web Links in Copilot Notebooks: Copilot Notebooks will allow licensed Copilot users to add public web links as references in addition to Microsoft file types. This broadens the contextual inputs available for analysis and content generation.
• Copilot in Shared and Delegate Mailboxes: Microsoft 365 Copilot will be available in Outlook shared and delegate mailboxes, while conversation history will remain associated with the user’s primary account. Organizations using shared mailbox workflows should review how this affects data access, productivity, and audit expectations.
• Graph APIs for Copilot Admin Management: Microsoft 365 now includes new Graph APIs that allow administrators to manage Copilot agents and apps programmatically. This supports automation, reporting, and platform integration without requiring UI-driven administration or policy changes.
• Copilot in Teams Without Transcription by Default: Copilot in Teams will default to operating without transcription in new meetings, while conversation history remains available during the meeting. This has implications for meeting governance, privacy expectations, and recap behavior.

Copilot Studio is advancing quickly as Microsoft deepens enterprise automation, model flexibility, and governance controls for agent-driven workflows.

• Multiple Foundation Models for Computer-Using Agents: Computer-using agents now support multiple foundation models, including Anthropic Claude Sonnet 4.5 alongside OpenAI’s Computer-Using Agent. This gives organizations more flexibility to choose models based on interface type, task complexity, and operational fit.
• Built-In Credentials for Computer Use: Computer use now supports built-in credentials so agents can securely log in to websites and desktop applications, reuse credentials across automations, and eliminate manual login prompts. This is especially significant for unattended execution and enterprise automation scale.
• Advanced Monitoring and Observability: Computer use now includes richer observability and advanced monitoring, giving operations, security, and compliance teams the ability to inspect behavior step by step. These controls are important for governance, auditability, and trust in autonomous actions.
• Cloud PC Pool for Agents: The new Cloud PC pool, powered by Windows 365 for Agents, provides fully managed cloud-hosted machines that are Microsoft Entra joined and Intune enrolled for computer use runs. This gives organizations a scalable managed runtime for agent execution with familiar identity and device management controls.
• xAI Model Support in Copilot Studio: xAI has joined the Microsoft Copilot Studio model provider lineup, allowing United States-based makers, once enabled by administrators, to build with Grok 4.1 Fast. Organizations should note that broader regional readiness evaluations are still underway.

Defender for Office 365 continues to add operational controls that improve user reporting workflows and reduce the need for overly broad administrative permissions.

• Suspicious Teams Message Reporting in Plan 1: Microsoft Defender for Office 365 Plan 1 will allow users to report suspicious Teams messages as either security risks or false positives, with reports surfacing in the Defender portal. This broadens human detection signals beyond email and helps security teams monitor collaboration-based threats more effectively.
• New URBAC Permission in Plan 2: Defender for Office 365 Plan 2 introduces a new Unified Role-Based Access Control permission that allows admins to preview and download email content connected to malware or phishing alerts without granting broad email permissions. This improves investigative access while supporting least-privilege administration.

Microsoft continues to expand Defender for Cloud’s posture management and workload protection capabilities with new guidance for reducing risky SQL Server configurations.

• Additional SQL Server Security Recommendations (Preview): Defender for Cloud now includes new SQL Server security recommendations designed to improve database posture management. These recommendations highlight risky configurations and provide guidance to strengthen database security in hybrid and cloud-connected environments.
• Risky Configuration Mitigation Guidance: The recommendations include actions such as disabling xp_cmdshell execution permissions and tightening database role assignments. These changes help reduce potential attack paths and strengthen protection against privilege escalation and misuse within SQL environments.

Defender XDR’s latest updates focus on helping SecOps teams prioritize risk faster, preserve investigation continuity, and operationalize intelligence more effectively.

• AI-Powered Incident Prioritization Preview: Defender’s new AI-powered incident prioritization capability is now in public preview, using alerts, asset criticality, threat intelligence, and attack disruption signals to assign each incident a score from 0 to 100. The feature also explains the key drivers behind the ranking, helping analysts focus on the highest-impact threats first.
• Advanced Hunting Enhancements: Microsoft introduced additional fields in behavior analysis tables, such as BehaviorInfo and BehaviorEntities to provide richer context for investigations involving user and entity behavior analytics. The platform now also returns partial results, rather than failing outright, when advanced hunting queries exceed size limits, improving analyst productivity during large investigations.
• Threat Intelligence Briefing Agent General Availability: The Threat Intelligence Briefing Agent is now generally available in Defender, automatically generating environment-specific intelligence briefings that combine Microsoft threat intelligence with local signals. This helps organizations surface prioritized risks and recommended actions with less manual analysis.

Microsoft is continuing to strengthen passwordless identity experiences and improve how cloud identity details appear during administrative and security operations.

• Passkey Profiles and Synced Passkeys: Entra passkey profiles and synced passkeys are now available for tenants with passkeys enabled. Existing configurations will migrate automatically, though administrators can optionally customize settings earlier to align with authentication strategy.
• Improved Entra Identifier Handling Across Services: Microsoft highlighted broader platform improvements that better translate Entra group and role identifiers into readable names within Windows and related services. This improves visibility and troubleshooting for administrators working across hybrid identity environments.

Microsoft has released the latest on-premises Exchange Server security updates, and organizations should treat them as part of routine patch and exposure reduction efforts.

• February 2026 Exchange Server Security Updates: Microsoft released the February 2026 security updates for Exchange Server addressing several vulnerabilities identified through internal research and external security partners.
• Patch Deployment Guidance: Microsoft states these vulnerabilities are not currently being exploited in the wild, but Exchange administrators should still prioritize testing and deploying the updates as part of regular patch governance and vulnerability management practices.

Exchange Online administrators should begin planning now for upcoming retirement and authentication changes that may affect integrations, scripts, and service workflows.

• Exchange Web Services Retirement Timeline: Microsoft announced a phased disablement of Exchange Web Services starting in October 2026, with full retirement expected in 2027. Organizations that still rely on EWS for mailbox automation, service applications, or third-party integrations should begin migration planning toward Microsoft Graph APIs.
• Credential Parameter Deprecation in Exchange Online PowerShell: Microsoft has announced the deprecation of the Credential parameter in Exchange Online PowerShell. Administrators should transition automation and scripting practices to modern authentication through Microsoft Entra and more secure credential management approaches.

Fabric continues to expand as a data and analytics platform with stronger real-time processing, API access, monitoring, and interoperability.

• Real-Time Intelligence Eventstream Preview: Fabric Real-Time Intelligence Eventstream is now available in preview, allowing organizations to ingest live data from multiple sources, apply transformations, and route data efficiently to multiple destinations. This supports near real-time analytics and event-driven data architectures.
• Semantic Model Access with Read Permissions Only: Creators and consumers now need only ‘Read’ access on the semantic model to interact with it through a data agent. Workspace access is no longer required to add a semantic model to an agent or ask questions from it, which simplifies governed data access.
• Power Query Public API: Microsoft is introducing the ability to execute Power Query programmatically through a public API. This turns Power Query into an on-demand transformation engine that can be invoked via REST from notebooks, pipelines, and applications.
• SQL Pool Insights: SQL Pool Insights is a new monitoring capability in Microsoft Fabric Data Warehouse that provides actionable visibility into SQL pool performance and resource utilization. This can help teams optimize performance and track warehouse efficiency more effectively.
• OneLake Catalog Federation Beta: OneLake catalog federation is now in beta through Azure Databricks Lakehouse Federation, enabling Unity Catalog in Azure Databricks to query data stored in OneLake without copying it. This simplifies multi-engine analytics and supports federated data strategies.
• ODBC Driver for Fabric Data Engineering Preview: Microsoft released a preview of the ODBC Driver for Microsoft Fabric Data Engineering, providing secure, enterprise-grade Spark SQL connectivity for .NET, Python, and other ODBC-compatible applications and BI tools through Fabric’s Livy APIs.

Intune is improving operational efficiency for endpoint teams while continuing to reduce dependence on local administrator rights.

• Admin Tasks Experience: Intune’s Admin Tasks experience now aggregates activities such as Endpoint Privilege Management elevation requests, Defender for Endpoint remediation tasks, and device offboarding into a single interface. This allows administrators to review, approve, and track cross-domain management and security actions more efficiently.
• Expanded Endpoint Privilege Management Controls: Intune has expanded endpoint privilege management to support Azure Virtual Desktop session hosts and additional policy controls, including deny rules for elevated file execution. These updates give administrators more granular control over privilege elevation and help reduce standing admin exposure.

Loop is receiving lifecycle management improvements that give administrators more control over content when users leave the organization.

• Retention and Deletion Controls for Loop Workspaces: Microsoft will roll out retention and deletion management for user-owned Loop workspaces, giving administrators greater control over collaboration data lifecycle and workspace ownership.
• Employee Departure and Content Preservation: The update allows admins to manage Loop data when employees leave the organization and grant temporary access so important workspace content can be reviewed or preserved before deletion.

OneDrive’s latest updates improve AI-assisted file work and strengthen mobile document usability.

• Copilot Agents in OneDrive: Microsoft 365 Copilot Agents in OneDrive allow users to group files for AI-powered project assistance, enabling questions, summaries, and collaboration around file collections. These are saved as agent files and integrate with Microsoft 365 Copilot workflows.
• OCR in OneDrive Mobile Apps: OneDrive mobile apps on iOS and Android will support built-in OCR for scanned PDFs, making text searchable and editable. This improves document utility and may help mobile-heavy users work more efficiently with scanned content.

Outlook’s latest updates include user workflow changes, Copilot context improvements, and an important data protection fix tied to sensitivity labels.

• Context IQ Retirement in New Outlook and Outlook on the Web: Context IQ will be retired in new Outlook and Outlook on the web, removing slash-command style suggestions for inserting files. Users will still be able to attach content through paste, drag and drop, and Attach file actions.
• Local Office File Attachments in Outlook for Windows: Outlook for Windows will support sending locally stored Word, Excel, and PowerPoint files as email attachments. This improves parity and convenience for users working with local documents.
• Copilot Chat Grounding in Active Message Content: Users of free Microsoft 365 Copilot Chat can now automatically ground responses in the content of the active message, helping summarize long threads, answer message-specific questions, and draft replies with better context. This reduces manual context switching and improves response relevance.
• Purview DLP Enforcement for Sensitivity-Labeled Outlook Content: Microsoft patched an issue in February 2026 where Copilot could surface content from Drafts and Sent Items despite sensitivity labels. Microsoft has now extended Purview Data Loss Prevention controls so Copilot is blocked from processing sensitivity-labeled Outlook content regardless of storage location, and administrators should review DLP policies to confirm they align with Copilot deployment strategy.
• Outlook Links and Edge Copilot Side Pane: Microsoft announced a roadmap change for later in 2026 in which links opened from Outlook emails in Microsoft Edge may automatically trigger Copilot in a side pane with contextual summaries and recommended next actions. Organizations should assess whether this changes user workflow, browser governance, or information handling expectations.

Planner is evolving toward a more collaborative and AI-assisted work management experience while deprecating older features.

• New Planner Collaboration and AI Features: Microsoft Planner will introduce several updates, including task chats, goals for basic plans, and a new project manager agent designed to enhance collaboration and task coordination within the platform.
• Retirement of Legacy Planner Capabilities: Alongside these enhancements, Microsoft will retire several legacy features. Organizations using Planner for lightweight work management should review these changes to assess potential impacts on existing workflows, user training, and adoption.

Power Apps continues to move toward AI-native app building, deeper Copilot integration, and more flexible developer entry points.

• Power Apps as Agents in Microsoft 365 Copilot: Custom apps built with Power Apps will surface directly as agents with richer user experiences inside Microsoft 365 Copilot chat. Microsoft expects public preview later this month, which could make line-of-business apps more discoverable and interactive inside the broader productivity experience.
• Dataverse Audit Change for Purview: Dataverse will no longer include before-and-after field values in audit events sent to Microsoft Purview. This reduces exposure of sensitive information in downstream compliance tooling and may affect how organizations review audit detail.
• Microsoft 365 Copilot in Canvas Apps: Microsoft 365 Copilot, including agents like Researcher and Analyst, will be accessible directly in custom apps built with Power Apps. Public preview is expected in April 2026, and this capability requires both a Power Apps Premium license and a Copilot license.
• Work IQ with Dataverse Integration: Users with a Microsoft 365 Copilot license will be able to experience Work IQ with Dataverse integration directly inside Power Apps in public preview by early April. This capability combines Microsoft 365 signals with operational application data for more context-rich AI experiences.
• Push Notifications in Custom-Branded Apps: Power Apps will enable push notifications in custom-branded apps across Android and iOS. This expands communication options for app-based workflows and field scenarios.
• Power Apps Vibe Experience: Microsoft introduced the new Power Apps Vibe experience as an AI-native platform that can build business solutions, data structures, workflows, and application code with minimal manual development effort. For enterprise teams, this has implications for speed, governance, and citizen development strategy.
• Power Apps Developer Plan: The Power Apps Developer Plan continues to provide a free development environment for building and testing with Power Apps, Power Automate, and Dataverse. Anyone with a work or school account backed by Microsoft Entra ID can sign up, making it a low-friction entry point for solution development and prototyping.

Power BI’s latest usability enhancement reduces friction when filtering large datasets and improves report interaction for business users.

• Input Slicer Now Available in Power BI: The input slicer, previously known as the text slicer during preview, allows users to type or paste values directly into a slicer to filter reports instead of scrolling through long lists.
• Improved Filtering for Large Datasets: This capability improves report usability and efficiency for analysts and end users working with large datasets by enabling faster, more precise filtering of report data.

Purview administrators should be aware of temporary service behavior changes affecting compliance operations.

• Communication Compliance Infrastructure Upgrade: Microsoft Purview Communication Compliance is undergoing an infrastructure upgrade that may temporarily affect service performance.
• Potential Processing Delays During Upgrade: During this period, organizations may experience intermittent processing delays, occasional errors, or outdated report data. Compliance teams should account for these conditions when conducting investigations or generating reports until the upgrade stabilizes.

SharePoint Online updates continue to reflect Microsoft’s push toward Entra-based collaboration, content lifecycle services, and AI-readiness across the platform.

• One-Time Passcode Retirement: SharePoint and OneDrive external sharing will transition away from SharePoint One-Time Passcode authentication toward Microsoft Entra B2B. Organizations should review their external collaboration models and guest access practices to prepare for the authentication shift.
• SharePoint at 25 Event: Microsoft recently announced the upcoming SharePoint at 25 event, underscoring SharePoint’s continued positioning as a central knowledge platform for Microsoft 365 Copilot and AI-enabled content experiences. This is strategically relevant for organizations treating SharePoint as a core information layer for AI readiness.
• SharePoint Premium Preview Services: Microsoft continues to emphasize the SharePoint Premium ecosystem through previews of Microsoft 365 Backup, Microsoft 365 Archive, and SharePoint Embedded. These services are relevant for organizations planning long-term retention, rapid recovery, and high-scale content services as part of future governance and lifecycle strategies.
• Web Search Image Pivot Retirement: The Web Search image pivot in the SharePoint page image picker will be retired, while stock images, uploads, and site assets will remain available. This change is minor operationally but may affect page-building workflows for content teams.

On-premises SharePoint administrators should ensure current patching as part of their standard stability and security process.

• January 2026 SharePoint Server Cumulative Updates: Microsoft released the January 2026 cumulative updates for both SharePoint Server Subscription Edition and SharePoint Server 2019.
• On-Prem Patch Management Guidance: Organizations running on-premises SharePoint environments should validate and deploy these updates through their standard patch management processes to maintain platform stability and security.

• Forward Multiple Messages with Context: Teams users can now forward up to five messages at once while preserving message context. This improves collaboration workflows when sharing conversations across chats or channels.
• Inactive Channel Hiding Changes: Microsoft has paused automatic hiding of inactive channels and will instead offer opt-in suggestions. This gives users more control over workspace organization and prevents unexpected interface changes.
• External Chat File Sharing Default: Teams will enable file attachment sharing by default in external chats unless disabled by administrators. Organizations should review external collaboration policies to ensure file sharing aligns with security and governance standards.
• External Participant Indicators: Teams now provides clearer indicators when users are communicating with external participants. This helps reduce accidental data sharing and improves visibility in cross-organization collaboration scenarios.

• Structured Meeting Invite Emails: Teams will distinguish meeting invite emails between attendees, presenters, and co-organizers for structured meetings and town halls. This improves meeting clarity and event coordination.
• Copilot Meeting Recaps and Gallery Improvements: February 2026 meeting updates introduce enhanced Copilot-powered meeting recaps and improved gallery layouts. These updates help participants review discussions more effectively and improve the meeting experience.

• Brand Impersonation Protection for Calling: Microsoft will introduce brand impersonation protection for Teams Calling, warning users about suspicious external calls that may attempt to spoof trusted organizations. This helps reduce voice phishing and fraud risks.
• Direct Routing Security Certificate Update: Microsoft is enforcing new certificate requirements for Direct Routing SBCs using mutual TLS in March. Orgs running AudioCodes SBCs must verify firmware and root certificate chains. Read more about this on our blog.

Windows updates this cycle include a significant security release, a new hardware-focused versioning model, and an upcoming certificate requirement that administrators should not overlook.

• Secure Boot Certificate Expiration in June: Secure Boot certificates are approaching expiration in June 2026, and organizations will need to update certificates to maintain platform trust and system security. Endpoint and platform teams should verify readiness well before the deadline to avoid disruption.
• February 2026 Windows Security Updates: Microsoft released February 2026 Windows security updates that address a high number of vulnerabilities, including several actively exploited zero-day issues. Organizations should prioritize patch deployment based on risk exposure and device criticality.
• Windows Version 26H1 Release Model: Windows version 26H1 will be available as a hardware-optimized release on select new devices and will not be offered as a standard feature update. This is important for endpoint planning, lifecycle communication, and device refresh expectations.