Microsoft Teams now flags third-party bots in meetings
â–¼ Summary
– Microsoft Teams will soon automatically label third-party bots in meeting lobbies, giving organizers clear control over their admission.
– This feature is scheduled for a global rollout in May 2026 and will be available on Windows, macOS, Android, and iOS.
– Organizers must explicitly and separately admit any labeled bot, preventing accidental acceptance alongside human attendees.
– The change aims to stop both malicious bots and legitimate automated services from joining meetings without organizer awareness.
– This update is part of broader Teams security enhancements, including call reporting and admin tools to block external users.
Microsoft Teams is introducing a new security feature designed to give meeting organizers greater control by automatically identifying and labeling third-party bots in the virtual lobby. This upcoming change aims to prevent automated participants from joining meetings unnoticed, enhancing security and administrative oversight for all users. The development is currently listed on the Microsoft 365 roadmap with a planned release in May 2026, and it will be available globally across Windows, macOS, Android, and iOS for standard and GCC cloud environments.
Once implemented, any external bot attempting to enter a Teams meeting will be clearly marked in the waiting area. This visual distinction prevents these automated entities from blending in with human attendees, ensuring organizers are fully aware of their presence. The system will then require the host to take deliberate action, manually approving the bot’s entry if its participation is necessary. This explicit admission step is a critical safeguard against accidentally allowing a bot into a sensitive discussion.
Microsoft explains that this approach guarantees organizers maintain complete authority over who, and what, joins their meetings. The policy is designed to stop both malicious applications controlled by threat actors and legitimate third-party bots used for functions like transcription or note-taking from accessing a call without explicit consent. This control is vital for protecting against potential data breaches or disruptions orchestrated through automated means.
This bot-tagging feature is part of a broader initiative to strengthen Teams against evolving security threats. Earlier this year, Microsoft announced a call reporting function, allowing users to flag suspicious calls as potential scams. The platform has also integrated new fraud-protection alerts that warn users about external callers who may be impersonating trusted organizations in social engineering attacks.
Furthermore, starting last December, administrators gained the ability to block external Teams users directly through the Microsoft Defender portal. This administrative tool helps thwart cybercrime gangs, including ransomware operators, who might attempt to exploit the collaboration platform to target employees. Together, these updates represent a concerted effort to make Teams a more secure environment for business communication and collaboration.
(Source: Bleeping Computer)
