Microsoft boosts Teams meetings with smarter bot protection

Summary
– Microsoft introduced a new Teams admin policy that blocks third-party bots from joining meetings without organizer approval.
– The policy is available on Windows, macOS, Android, and iOS for standard multi-tenant and GCC cloud environments.
– When enabled, Teams automatically detects bots, places them in the lobby, identifies them, and requires organizer approval to join.
– Microsoft plans to add further controls, including allow lists, full bot blocking, admin reports, and audit logs.
– Starting in December, admins can block external Teams users via the Defender portal to prevent social engineering attacks.
Microsoft has rolled out a fresh Teams admin policy designed to give meeting organizers tighter control over which bots can join their sessions without prior approval. The update targets the growing concern around unauthorized third-party bots infiltrating virtual meetings.
The feature, first teased in a March Microsoft 365 roadmap update, is now available across Windows, macOS, Android, and iOS for standard multi-tenant and GCC cloud environments worldwide. Once activated, the policy automatically detects and blocks malicious apps, often controlled by threat actors, as well as legitimate third-party bots used for tasks like note-taking or transcription. This ensures that all participants are aware whenever a non-human entity is present.
Organizations gain greater visibility and control over external bots in their meetings. The new policy helps identify bots more clearly and adds safeguards to confirm that only intended participants and approved tools gain entry. “The new policy in the Teams Admin Center, Manage external bots and their access to meetings, can be assigned to individual users or specific groups,” Microsoft stated on Monday. “When enabled, Teams automatically detects potential bots, places them in the meeting lobby, clearly identifies them, and prompts organizers to confirm admission. Even in meetings where organizers allow participants to bypass the lobby, bots identified through this policy will continue to require approval before joining.”
Looking ahead, Microsoft plans to introduce additional admin controls, including allow lists for approved bots, policies to block external bots entirely, admin reports and audit logs on bot detection and presence, and more granular security settings tailored to different organizational needs.
Starting in December, admins will also be able to block external Teams users via the Defender portal to prevent cybercrime gangs, including ransomware groups, from exploiting the platform in social engineering attacks targeting employees. In January, Teams added new fraud-protection features for calls, warning users about external callers impersonating trusted organizations. That same month, Microsoft announced a call reporting feature would arrive by mid-March, enabling users to flag unwanted or suspicious calls as potential phishing or scam attempts.
More recently, in April, Microsoft warned that attackers are increasingly abusing external Teams collaboration to gain access and move laterally across enterprise networks. These attackers often impersonate IT or helpdesk staff, contacting employees through cross-tenant chats to trick them into granting remote access and stealing sensitive data.
(Source: BleepingComputer)




