Up Down Remediate malicious email delivered in Office 365

Note: we are publishing this message again to ensure visibility for all impacted tenants. We apologize for any inconvenience.

We are updating the remediation capability in Microsoft Defender for Office 365 to improve customer experience and efficiency.

This message is associated with Microsoft 365 Roadmap ID 70554.

When this will happen

We will begin rolling out at the end of January and complete by mid-February.

How this will affect your organization

We are making these improvements to the experience and remediation efficiency:

  • Increasing the export limit of records from Action center > Remediation > Mail submission or action log to 100,000. 
  • Adding the network message ID column in Action center > Remediation > Action log details.  
  • Adding “Already in destination” column in Action center > Remediation > Action logs. Until this update, records submitted for remediation were remediated based on their original delivery location. So if a soft delete action was taken on a message for the second time (when it had been part of another query), the deletion attempt was based on the original location. With this update, we will reduce submissions by identifying messages which are already in destination.

What you need to do to prepare

You might want to notify other admins about this new capability and update your training and documentation as appropriate. 

Learn more: Remediate malicious email delivered in Office 365

Message ID: MC238895


No comments yet

Leave a Reply


I've been working with Microsoft Technologies over the last ten years, mainly focused on creating collaboration and productivity solutions that drive the adoption of Microsoft Modern Workplace.

%d bloggers like this: