Microsoft Teams and Defender for Office 365 add centralized external-user blocking controls
Security Tool/Service
Summary
Hide ▲
Show ▼
Microsoft Teams is gaining centralized controls that let security admins block external users, suspicious domains, and malicious content handling in Defender for Office 365, reducing the risk of social-engineering abuse across organizational messaging and meetings. The update matters because it moves external communication restrictions into the Defender portal and strengthens default messaging protections for January 2026 rollout.
Related Happenings
Microsoft Teams admin policy adds approval-based control for third-party bots
Security Tool/Service
H score11
First: 30.06.2026 13:52
Last: 30.06.2026 13:52
Sources 1
About this happening:
Microsoft Teams introduced an **admin policy** that lets organizers prevent **third-party bots** from joining meetings without approval. The control improves **visibility** over e...
Microsoft Teams admin policy adds approval-based control for third-party bots
Security Tool/ServiceAbout this happening: Microsoft Teams introduced an **admin policy** that lets organizers prevent **third-party bots** from joining meetings without approval. The control improves **visibility** over e...
Microsoft Teams third-party bot approval controls for meeting social-engineering risk
Defensive Guidance
H score11
First: 30.06.2026 13:52
Last: 30.06.2026 13:52
Sources 1
About this happening:
**Microsoft Teams** has added admin controls that block **third-party bots** without approval, reducing **meeting social-engineering risk** across managed tenants. The policy impr...
Microsoft Teams third-party bot approval controls for meeting social-engineering risk
Defensive GuidanceAbout this happening: **Microsoft Teams** has added admin controls that block **third-party bots** without approval, reducing **meeting social-engineering risk** across managed tenants. The policy impr...
Microsoft security patch release for CVE-2026-41091 and CVE-2026-45498
Security Patch Release
H score44
First: 21.05.2026 10:49
Last: 21.05.2026 10:49
Sources 1
About this happening:
Microsoft rolled out security updates for Defender and related malware protection components to address two zero-days: CVE-2026-41091 and CVE-2026-45498. The fixes cover affected...
Microsoft security patch release for CVE-2026-41091 and CVE-2026-45498
Security Patch ReleaseAbout this happening: Microsoft rolled out security updates for Defender and related malware protection components to address two zero-days: CVE-2026-41091 and CVE-2026-45498. The fixes cover affected...
Latest development: 21.05.2026 12:52
Microsoft released patches for Microsoft Defender Antimalware Platform version 4.18.26040.7 to address CVE-2026-41091, a link-following privilege-escalation flaw that can let an authorized attacker elevate privileges locally to System, and CVE-2026-45498, a denial-of-service flaw. Microsoft said both vulnerabilities were publicly disclosed and exploited in the wild as zero-days. CISA added both flaws to its Known Exploited Vulnerabilities (KEV) list and urged federal agencies to patch them by June 3.
Microsoft Teams on macOS repeated location-prompt service disruption
Service Disruption
H score0
First: 19.05.2026 19:10
Last: 19.05.2026 19:10
Sources 1
About this happening:
Microsoft confirmed a **Microsoft Teams on macOS** service disruption that causes **non-dismissible location prompts** for some users, interrupting normal app use for those who en...
Microsoft Teams on macOS repeated location-prompt service disruption
Service DisruptionAbout this happening: Microsoft confirmed a **Microsoft Teams on macOS** service disruption that causes **non-dismissible location prompts** for some users, interrupting normal app use for those who en...
Tycoon2FA device-code phishing campaign targeting Microsoft 365
Campaign
H score46
First: 17.05.2026 17:43
Last: 17.05.2026 17:43
Sources 1
About this happening:
The **Tycoon2FA** phishing operation added **device-code phishing** to hijack **Microsoft 365** accounts, expanding its ability to steal access tokens and reach email, calendar, a...
Tycoon2FA device-code phishing campaign targeting Microsoft 365
CampaignAbout this happening: The **Tycoon2FA** phishing operation added **device-code phishing** to hijack **Microsoft 365** accounts, expanding its ability to steal access tokens and reach email, calendar, a...
Timeline
-
24.12.2025 18:22 2 articles · 6mo ago
Microsoft announces Teams external-user blocking controls
Initial DisclosureMicrosoft announced that Teams security administrators will soon be able to block external users from sending messages, calls, or meeting invitations to people in their organization through the Microsoft Defender portal. The update integrates Teams with Defender for Office 365, lets admins manage blocked external contacts through the Tenant Allow/Block List, and will begin rolling out in early January 2026 with completion expected by mid-January 2026. Before use, organizations must enable two disabled-by-default Teams admin center settings, and the feature will work across the Defender XDR web portal and all Teams clients without changing existing domain blocks or federation configurations.
Show sources
- Microsoft Teams to let admins block external users via Defender portal — www.bleepingcomputer.com — 24.12.2025 18:22
- Microsoft Teams to let admins block external users via Defender portal — www.bleepingcomputer.com — 24.12.2025 18:22