
M365 Roundup, October 2024: Copilot Agents Go GA
Copilot agents reach general availability, Teams adds impersonation warnings for external chat, a new calendar lands in January, and Office 2016/2019 get one year of support left.
Topic

Copilot agents reach general availability, Teams adds impersonation warnings for external chat, a new calendar lands in January, and Office 2016/2019 get one year of support left.

Microsoft 365 email is not phishing-resistant by default. SPF/DKIM/DMARC, a tuned anti-phishing policy, Safe Links and Attachments, external sender tags, and keyword mail flow rules close the gap.

SMS codes, push notifications, and passkeys all count as MFA, but they do not stop the same attacks. Here is the strength hierarchy, what defeats each tier, and the upgrade path to phishing-resistant.

A working checklist for the new Outlook: signatures and Bookings, schedule sends and recalls, sweep rules, the security toggles users should know, and the Microsoft 365 integrations built in.

Microsoft 365 Copilot lands November 1 for enterprise, Town halls replace Teams Live Events, Conditional Access templates hit GA, and hybrid password resets finally clear user risk in Entra ID.

Intelligent Meeting Recap reaches Teams Premium, Teams DLP becomes E5-only on May 30, Intune's Endpoint Privilege Management and Apple SSO plug-in hit GA, and Defender changes DMARC handling.

Five Azure AD MFA controls most tenants never touch: number matching, location context, authentication strengths, and two registration reports that catch attacker-added MFA methods.

June 2021 for MSPs: E2EE arrives for 1:1 Teams calls, meetings can auto-record, recordings become searchable by transcript, and the first contact safety tip moves into anti-phishing policy.

Office 365 ATP ships with Safe Attachments and Safe Links switched off. Here is what each feature does and the step-by-step config to turn them on.