Microsoft Groups will routinely alert customers once they ship or obtain a personal message containing hyperlinks which might be tagged as malicious.
Microsoft will introduce these new warnings for messages containing URLs which have been flagged as spam, phishing, or malware, for all Microsoft Defender for Workplace 365 (MDO) and Microsoft Groups enterprise clients.
The new hyperlink safety function will start rolling out with a public preview for desktop, Android, internet, and iOS customers in September 2025 and is anticipated to achieve normal availability in November 2025, in response to a latest Microsoft 365 roadmap entry.
“To assist customers keep protected against malicious content material, we’re introducing message warnings in Microsoft Groups,” the corporate defined in an incident alert printed within the Microsoft 365 message heart on Wednesday.
“This new function shows a warning banner on messages containing URLs flagged as Spam, Phish, or Malware—whether or not the message is inner or exterior. These warnings improve consumer consciousness and complement present safety protections like Secure Hyperlinks and ZAP.”
​Admins can choose in to allow this new function in public preview through the use of the toggle out there within the Groups Admin Middle > Messaging settings.
Malicious URL warnings shall be displayed immediately on the message and shall be enabled by default after the function reaches normal availability, with administration choices out there through the Groups Admin Middle or PowerShell (with the Groups module).
As Redmond explains, if not less than one tenant has the function enabled, the message warnings shall be lively throughout your entire tenant.
Microsoft additionally introduced final month that it is working to increase safety in opposition to harmful file sorts and malicious URLs in Groups chats and channels.
Moreover, it famous that Groups will enable safety directors to dam incoming communications from a listing of blocked domains and delete present chat messages from customers in blocked domains by way of the Microsoft Defender portal.
Redmond introduced finally 12 months’s Enterprise Join convention that Groups had reached over 320 million month-to-month lively customers throughout 181 markets.
46% of environments had passwords cracked, practically doubling from 25% final 12 months.
Get the Picus Blue Report 2025 now for a complete take a look at extra findings on prevention, detection, and information exfiltration traits.
