Microsoft is making a significant shift in how it protects users of Microsoft Teams, its widely adopted collaboration platform. Beginning January 12, 2026, Microsoft will automatically enable a set of core security protections for Teams chats and messages — even if organizations haven’t turned them on manually. This move reflects a broader push toward making enterprise tools secure by default, rather than relying on administrators to opt into protections.

Why This Matters

Over the last few years, collaboration tools like Teams have become central to how businesses work — but that popularity also makes them a prime target for cyberattacks. Phishing, malicious attachments, and harmful URLs are increasingly delivered not just by email but through internal chat and collaboration channels, where they’re less likely to be blocked. Microsoft’s new defaults aim to reduce this attack surface across millions of Teams users worldwide.

Typically, administrators had to choose to turn on advanced security settings in the Teams admin center. But the reality is many organizations don’t have dedicated security teams or might overlook these configurations. Starting in January, that changes: Microsoft will flip the switch on certain protections automatically for tenants still using the standard setup.

What’s Changing on January 12, 2026

Here are the key security enhancements that Teams will automatically activate for organizations that haven’t customized their settings:

1. Weaponizable File Type Protection
   High-risk file types — such as executable programs and scripts often used to deliver malware — will be blocked from being shared in chats or channels. This helps prevent ransomware and other malware from spreading via trusted internal conversations.
2. Malicious URL Detection
   Every link shared in Teams will be scanned in real time. If a link is identified as suspicious or known to host phishing scams, users will see a warning before clicking. This real-time scanning is powered by Microsoft’s threat intelligence systems.
3. Reporting False Positives
   Because no security system is perfect, Teams will also give users a way to flag legitimate content that might have been blocked by mistake. That feedback helps Microsoft refine its detection without interrupting normal workflows.

For most employees, these changes will be subtle. You might notice warning labels on risky links or see a message blocked because it tried to send a disallowed file type. But those small interruptions are designed to stop far bigger problems like credential theft or malware outbreaks.

What Organizations Should Do Now

If your company has already configured Teams messaging safety settings, those custom preferences will remain unchanged. However, if your organization uses the default configuration — and you prefer to keep it that way or adjust it — admins should review settings before January 12, 2026. This can be done in the Teams Admin Center under Messaging → Messaging settings → Messaging safety.

IT teams are also encouraged to:

• Communicate upcoming changes to helpdesk and support staff
• Update internal documentation on safe file types and link handling
• Brief users on why they might see warnings or blocked messages

Planning ahead helps ensure a smooth transition with minimal disruption.

A Shift Toward Secure Defaults

What Microsoft is doing with this Teams update is part of a larger trend in enterprise software: bake security into the defaults rather than leaving it as an optional extra. As hybrid and remote work continue to blur the line between corporate networks and personal devices, automatic protections become increasingly essential.

In a world where collaboration platforms are as critical as email or VPNs, this change underscores the importance of proactive security — even in tools designed to make work easier.