M365 Changelog: Microsoft Secure Score improvement action updates November 20, 2021

MC299403 – Microsoft is updating Microsoft Secure Score improvement actions to ensure a more accurate representation of security posture.

When this will happen:

Microsoft expects to begin rolling this out to customers in mid-December and expect the rollout to be completed by late December.

How this will affect your organization:

Improvement actions that are being added, removed or updated in Secure Score could potentially change the overall organizational score.

The following improvement actions will be added:

  • Turn on Safe Attachments in block mode
  • Do not allow Exchange Online calendar details to be shared with external users
  • Turn on Safe Documents for Office Clients
  • Turn on the common attachments filter setting for anti-malware policies
  • Ensure that there are no sender domains allowed for Anti-spam policies
  • Create Safe Links policies for email messages
  • Create zero-hour auto purge policies for malware
  • Turn on Microsoft Defender for Office 365 in SharePoint, OneDrive, and Microsoft Teams
  • Create zero-hour auto purge policies for phishing messages
  • Create zero-hour auto purge policies for spam messages
  • Block abuse of exploited vulnerable signed drivers
  • Turn on scanning of removable drives during a full scan

What you need to do to prepare:

There is no action you need to take to prepare for this change, but you may consider reviewing the improvement actions that are being added, removed or updated.Additional information