Microsoft has announced the deprecation of the Azure DevOps issuer for workload identity federation service connections, with a final retirement date set for July 1, 2027. This change is part of a broader initiative to standardize on the Microsoft Entra issuer to improve security and consistency across Azure services. The transition affects service connections in the Azure public cloud that utilize single-tenant applications or managed identities for secretless authentication.

Source

Microsoft is updating Entra ID to ensure conditional access policies are enforced for applications requesting only baseline scopes. These baseline scopes include standard OpenID Connect permissions like email and profile, as well as basic directory read permissions. Previously, applications using only these low-risk scopes could bypass policies targeting all resources if specific exclusions were present.

Source

The Microsoft Entra June 2026 update adds phishing-resistant multifactor authentication for Linux desktops, expands passkey support on Windows, and changes how Self-Service Password Reset verifies identity. It also brings new Conditional Access enforcement during credential registration and a public preview for recovering deleted device objects. This article explains the practical and technical details of these changes for everyday administration.

Source

IBM and Microsoft have launched a collaborative service designed to bridge the gap between detecting identity-based threats and executing governed remediation. The partnership integrates Microsoft’s security telemetry with IBM’s managed response services to address the rising volume of credential-based attacks. This solution specifically targets risks such as multi-factor authentication abuse, token theft, and unauthorized privilege escalation.

Source

Microsoft is implementing license price increases in July 2026 that affect various services beyond standard Microsoft 365 bundles. Notable adjustments include a 13% rise for Enterprise Mobility and Security E3 and up to 16% for Entra P1 licenses. Administrators can use PowerShell to proactively identify these costs and remove inactive licenses to mitigate the financial impact.

Source

Microsoft is updating its identity security framework to address the unique risks posed by autonomous AI agents. Traditional multi-factor authentication is insufficient for these entities because they operate at speeds and scales that bypass human-centric security measures. Consequently, the identity playbook is shifting toward a unified risk model that integrates signals from identity, endpoints, and data layers.

Source

Microsoft Entra has introduced a soft-delete feature for device objects in public preview, allowing administrators to recover accidentally deleted Entra joined or registered devices within a set retention period. This safety mechanism preserves critical identity data and security artifacts, reducing the operational risk of permanent data loss. Additionally, Entra Connect Sync now officially supports Windows Server 2025, though Microsoft is encouraging a transition toward the cloud-native Entra Cloud Sync for simplified hybrid identity management.

Source