Remediate malicious email delivered in Office 365

Microsoft is updating the remediation capability in Microsoft Defender for Office 365 to improve customer experience and efficiency.

This message is associated with Microsoft 365 Roadmap ID 70554.

When this will happen

You will begin seeing changes in your tenant by end of January 2021.

How this will affect your organization

Microsoft is making these improvements to the experience and remediation efficiency:

• Increasing the export limit of records from Action center > Remediation > Mail submission or action log to 100,000.
• Adding the network message ID column in Action center > Remediation > Action log details.
• Adding “Already in destination” column in Action center > Remediation > Action logs. Until this update, records submitted for remediation were remediated based on their original delivery location. So if a soft delete action was taken on a message for the second time (when it had been part of another query), the deletion attempt was based on the original location. With this update, we will reduce submissions by identifying messages which are already in destination.

What you need to do to prepare

You might want to notify other admins about this new capability and update your training and documentation as appropriate.

Learn more: Remediate malicious email delivered in Office 365