(Updated) Microsoft Teams: User reporting for incorrectly identified security concerns

Message Center ID: MC1147984
Microsoft Teams Microsoft Defender XDR
Stay Informed
New feature User impact Admin impact
September 2025 November 2025
Android Desktop iOS Mac Web

Summary

Microsoft Teams will enable users to report messages incorrectly flagged as security threats, available by end of November 2025 worldwide. The feature requires Microsoft Defender for Office 365 Plan 2 or Defender XDR and must be enabled in both Teams admin center and Microsoft Defender portal.

Details

Updated November 17, 2025: The rollout of “Report incorrect security detection in Microsoft teams is expected to finish by the end of November 2025 for General Availability (Worldwide). The previously announced update to make “Report incorrect security detections” settings in Messaging settings in Teams admin center On by default has been postponed to early 2026. A separate communication will be issued detailing the roll out schedule for the default-on change in advance.

Thank you for your patience.

Introduction

Microsoft Teams now enables users to report messages they believe were incorrectly flagged as security threats in chats and channels. This capability is available to organizations with Microsoft Defender for Office 365 Plan 2 or Microsoft Defender XDR. It empowers users to provide feedback on false positives, helping improve detection accuracy and strengthen organizational security.

This feature will be available across Microsoft Teams on Android, Desktop (Windows), iOS, Mac, and Web platforms, ensuring broad accessibility for users regardless of device.

This feature is associated with Microsoft 365 Roadmap ID 501202.

When this will happen

Targeted Release (Worldwide): Begins in early September 2025; expected completion by mid-September 2025.

General Availability (Worldwide): Begins in early November 2025; expected completion by end of November 2025 (previously mid-November).

How this affects your organization

Users will be able to report messages they believe contain URLs that were incorrectly flagged as malicious:

 user settings

  • During Targeted Release, the feature is off by default in Teams.
  • At General Availability, the feature will be on by default in Teams. Admin settings saved during Targeted Release will remain unchanged.
  • In the Microsoft Defender portal, the setting is on by default for new tenants. Existing tenants must enable it manually.

What you can do to prepare

To enable this feature and ensure reported messages appear in the User reported tab in Submissions:

  • In the Teams admin center, go to Messaging settings > Messaging safety and turn on Report incorrect security detections.

    • admin settings

  • In the Microsoft Defender portal, ensure the corresponding setting is enabled.

    •   admin settings

Both settings must be turned on for full functionality.

Learn more: [Updated documentation to be made available on Microsoft Learn in the second week of September 2025.]

Compliance considerations

Does the change store new customer data, and if so, where is it stored?Yes. When users report messages they believe were incorrectly flagged, those submissions are stored in the Microsoft Defender portal under the Submissions tab.
Does the change introduce or significantly modify AI/ML or agent capabilities that interact with or provide access to customer data?Yes. User feedback on incorrectly flagged messages is used to improve detection models, which modifies how AI/ML systems classify threats over time.
Does the change include an admin control, and can it be controlled through Entra ID group membership?Yes. Admins can enable or disable the feature in both the Teams admin center and the Microsoft Defender portal. Access to these controls can be managed through Entra ID group membership.

Additional Resources: End user reporting for security - Microsoft Teams | Microsoft Learn

Related Roadmap Items

🗺️ Roadmap ID: 501202

Change History

Published: September 4, 2025
Last Updated: November 17, 2025
November 17, 2025 at 6:30 PM Updated
Summary
Previous
Microsoft Teams will let users report messages incorrectly flagged as security threats, available with Microsoft Defender for Office 365 Plan 2 or Defender XDR. The feature launches in September 2025 (Targeted Release) and November 2025 (General Availability), requiring admin enablement in Teams and Defender portals.
New
Microsoft Teams will enable users to report messages incorrectly flagged as security threats, available by end of November 2025 worldwide. The feature requires Microsoft Defender for Office 365 Plan 2 or Defender XDR and must be enabled in both Teams admin center and Microsoft Defender portal.
Last Updated Date
Previous
2025-09-09T17:02:57.293Z
New
2025-11-17T17:04:04.190Z
Body Content
Previous

Updated September 9, 2025: We have updated the content. Thank you for your patience.

Introduction

Microsoft Teams now enables users to report messages they believe were incorrectly flagged as security threats in chats and channels. This capability is available to organizations with Microsoft Defender for Office 365 Plan 2 or Microsoft Defender XDR. It empowers users to provide feedback on false positives, helping improve detection accuracy and strengthen organizational security.

This feature will be available across Microsoft Teams on Android, Desktop (Windows), iOS, Mac, and Web platforms, ensuring broad accessibility for users regardless of device.

This feature is associated with Microsoft 365 Roadmap ID 501202.

When this will happen

Targeted Release (Worldwide): Begins in early September 2025; expected completion by mid-September 2025.

General Availability (Worldwide): Begins in early November 2025; expected completion by mid-November 2025.

How this affects your organization

Users will be able to report messages they believe contain URLs that were incorrectly flagged as malicious:

 user settings

  • During Targeted Release, the feature is off by default in Teams.
  • At General Availability, the feature will be on by default in Teams. Admin settings saved during Targeted Release will remain unchanged.
  • In the Microsoft Defender portal, the setting is on by default for new tenants. Existing tenants must enable it manually.

What you can do to prepare

To enable this feature and ensure reported messages appear in the User reported tab in Submissions:

  • In the Teams admin center, go to Messaging settings > Messaging safety and turn on Report incorrect security detections.

    • admin settings

  • In the Microsoft Defender portal, ensure the corresponding setting is enabled.

    •   admin settings

Both settings must be turned on for full functionality.

Learn more: [Updated documentation to be made available on Microsoft Learn in the second week of September 2025.]

Compliance considerations

Does the change store new customer data, and if so, where is it stored?Yes. When users report messages they believe were incorrectly flagged, those submissions are stored in the Microsoft Defender portal under the Submissions tab.
Does the change introduce or significantly modify AI/ML or agent capabilities that interact with or provide access to customer data?Yes. User feedback on incorrectly flagged messages is used to improve detection models, which modifies how AI/ML systems classify threats over time.
Does the change include an admin control, and can it be controlled through Entra ID group membership?Yes. Admins can enable or disable the feature in both the Teams admin center and the Microsoft Defender portal. Access to these controls can be managed through Entra ID group membership.

Additional Resources: End user reporting for security - Microsoft Teams | Microsoft Learn

New

Updated November 17, 2025: The rollout of “Report incorrect security detection in Microsoft teams is expected to finish by the end of November 2025 for General Availability (Worldwide). The previously announced update to make “Report incorrect security detections” settings in Messaging settings in Teams admin center On by default has been postponed to early 2026. A separate communication will be issued detailing the roll out schedule for the default-on change in advance.

Thank you for your patience.

Introduction

Microsoft Teams now enables users to report messages they believe were incorrectly flagged as security threats in chats and channels. This capability is available to organizations with Microsoft Defender for Office 365 Plan 2 or Microsoft Defender XDR. It empowers users to provide feedback on false positives, helping improve detection accuracy and strengthen organizational security.

This feature will be available across Microsoft Teams on Android, Desktop (Windows), iOS, Mac, and Web platforms, ensuring broad accessibility for users regardless of device.

This feature is associated with Microsoft 365 Roadmap ID 501202.

When this will happen

Targeted Release (Worldwide): Begins in early September 2025; expected completion by mid-September 2025.

General Availability (Worldwide): Begins in early November 2025; expected completion by end of November 2025 (previously mid-November).

How this affects your organization

Users will be able to report messages they believe contain URLs that were incorrectly flagged as malicious:

 user settings

  • During Targeted Release, the feature is off by default in Teams.
  • At General Availability, the feature will be on by default in Teams. Admin settings saved during Targeted Release will remain unchanged.
  • In the Microsoft Defender portal, the setting is on by default for new tenants. Existing tenants must enable it manually.

What you can do to prepare

To enable this feature and ensure reported messages appear in the User reported tab in Submissions:

  • In the Teams admin center, go to Messaging settings > Messaging safety and turn on Report incorrect security detections.

    • admin settings

  • In the Microsoft Defender portal, ensure the corresponding setting is enabled.

    •   admin settings

Both settings must be turned on for full functionality.

Learn more: [Updated documentation to be made available on Microsoft Learn in the second week of September 2025.]

Compliance considerations

Does the change store new customer data, and if so, where is it stored?Yes. When users report messages they believe were incorrectly flagged, those submissions are stored in the Microsoft Defender portal under the Submissions tab.
Does the change introduce or significantly modify AI/ML or agent capabilities that interact with or provide access to customer data?Yes. User feedback on incorrectly flagged messages is used to improve detection models, which modifies how AI/ML systems classify threats over time.
Does the change include an admin control, and can it be controlled through Entra ID group membership?Yes. Admins can enable or disable the feature in both the Teams admin center and the Microsoft Defender portal. Access to these controls can be managed through Entra ID group membership.

Additional Resources: End user reporting for security - Microsoft Teams | Microsoft Learn

September 9, 2025 at 6:30 PM Updated
Service
Previous
Microsoft Teams
New
Microsoft Teams,Microsoft Defender XDR
Last Updated Date
Previous
2025-09-09T15:03:16.167Z
New
2025-09-09T17:02:57.293Z
September 9, 2025 at 4:30 PM Updated
Title
Previous
Microsoft Teams: User reporting for incorrectly identified security concerns
New
(Updated) Microsoft Teams: User reporting for incorrectly identified security concerns
Summary
Previous
Microsoft Teams will let users report messages incorrectly flagged as security threats, available to organizations with Microsoft Defender for Office 365 Plan 2 or Defender XDR. The feature launches in September 2025 (Targeted Release) and November 2025 (General Availability), requiring admin enablement in Teams and Defender portals.
New
Microsoft Teams will let users report messages incorrectly flagged as security threats, available with Microsoft Defender for Office 365 Plan 2 or Defender XDR. The feature launches in September 2025 (Targeted Release) and November 2025 (General Availability), requiring admin enablement in Teams and Defender portals.
Last Updated Date
Previous
2025-09-04T23:12:58.663Z
New
2025-09-09T15:03:16.167Z
Tags
Previous
New feature,User impact,Admin impact
New
Updated message,New feature,User impact,Admin impact
Body Content
Previous

Introduction

Microsoft Teams now enables users to report messages they believe were incorrectly flagged as security threats in chats and channels. This capability is available to organizations with Microsoft Defender for Office 365 Plan 2 or Microsoft Defender XDR. It empowers users to provide feedback on false positives, helping improve detection accuracy and strengthen organizational security.

This feature will be available across Microsoft Teams on Android, Desktop (Windows), iOS, Mac, and Web platforms, ensuring broad accessibility for users regardless of device.

This feature is associated with Microsoft 365 Roadmap ID 501202.

When this will happen

Targeted Release (Worldwide): Begins in early September 2025; expected completion by mid-September 2025.

General Availability (Worldwide): Begins in early November 2025; expected completion by mid-November 2025.

How this affects your organization

Users will be able to report messages they believe contain URLs that were incorrectly flagged as malicious:

 user settings

  • During Targeted Release, the feature is off by default in Teams.
  • At General Availability, the feature will be on by default in Teams. Admin settings saved during Targeted Release will remain unchanged.
  • In the Microsoft Defender portal, the setting is on by default for new tenants. Existing tenants must enable it manually.

What you can do to prepare

To enable this feature and ensure reported messages appear in the User reported tab in Submissions:

  • In the Teams admin center, go to Messaging settings > Messaging safety and turn on Report incorrect security detections.

    • admin settings

  • In the Microsoft Defender portal, ensure the corresponding setting is enabled.

    •   admin settings

Both settings must be turned on for full functionality.

Learn more: [Updated documentation to be made available on Microsoft Learn in the second week of September 2025.]

Compliance considerations

Does the change store new customer data, and if so, where is it stored?Yes. When users report messages they believe were incorrectly flagged, those submissions are stored in the Microsoft Defender portal under the Submissions tab.
Does the change introduce or significantly modify AI/ML or agent capabilities that interact with or provide access to customer data?Yes. User feedback on incorrectly flagged messages is used to improve detection models, which modifies how AI/ML systems classify threats over time.
Does the change include an admin control, and can it be controlled through Entra ID group membership?Yes. Admins can enable or disable the feature in both the Teams admin center and the Microsoft Defender portal. Access to these controls can be managed through Entra ID group membership.

New

Updated September 9, 2025: We have updated the content. Thank you for your patience.

Introduction

Microsoft Teams now enables users to report messages they believe were incorrectly flagged as security threats in chats and channels. This capability is available to organizations with Microsoft Defender for Office 365 Plan 2 or Microsoft Defender XDR. It empowers users to provide feedback on false positives, helping improve detection accuracy and strengthen organizational security.

This feature will be available across Microsoft Teams on Android, Desktop (Windows), iOS, Mac, and Web platforms, ensuring broad accessibility for users regardless of device.

This feature is associated with Microsoft 365 Roadmap ID 501202.

When this will happen

Targeted Release (Worldwide): Begins in early September 2025; expected completion by mid-September 2025.

General Availability (Worldwide): Begins in early November 2025; expected completion by mid-November 2025.

How this affects your organization

Users will be able to report messages they believe contain URLs that were incorrectly flagged as malicious:

 user settings

  • During Targeted Release, the feature is off by default in Teams.
  • At General Availability, the feature will be on by default in Teams. Admin settings saved during Targeted Release will remain unchanged.
  • In the Microsoft Defender portal, the setting is on by default for new tenants. Existing tenants must enable it manually.

What you can do to prepare

To enable this feature and ensure reported messages appear in the User reported tab in Submissions:

  • In the Teams admin center, go to Messaging settings > Messaging safety and turn on Report incorrect security detections.

    • admin settings

  • In the Microsoft Defender portal, ensure the corresponding setting is enabled.

    •   admin settings

Both settings must be turned on for full functionality.

Learn more: [Updated documentation to be made available on Microsoft Learn in the second week of September 2025.]

Compliance considerations

Does the change store new customer data, and if so, where is it stored?Yes. When users report messages they believe were incorrectly flagged, those submissions are stored in the Microsoft Defender portal under the Submissions tab.
Does the change introduce or significantly modify AI/ML or agent capabilities that interact with or provide access to customer data?Yes. User feedback on incorrectly flagged messages is used to improve detection models, which modifies how AI/ML systems classify threats over time.
Does the change include an admin control, and can it be controlled through Entra ID group membership?Yes. Admins can enable or disable the feature in both the Teams admin center and the Microsoft Defender portal. Access to these controls can be managed through Entra ID group membership.

Additional Resources: End user reporting for security - Microsoft Teams | Microsoft Learn

Never Miss a Microsoft 365 Update

Join thousands of IT professionals who rely on DeltaPulse for real-time Microsoft 365 change intelligence, automated notifications, and community insights.

View Full Details Sign Up Free