Microsoft is taking steps to enhance security within its Teams platform by developing a modern feature designed to identify and control third-party bots attempting to join meetings. The move comes as cybercriminals increasingly leverage automated bots to compromise communications, steal data, and disrupt online collaboration.
The upcoming feature, currently slated for rollout in May 2026 across Desktop, Mac, Linux, iOS, and Android versions of Teams, will provide meeting organizers with greater visibility and control over who – or what – is entering their virtual spaces. This proactive approach aims to mitigate the risks associated with malicious bots, which are becoming more sophisticated, and prevalent.
According to the Microsoft 365 Roadmap, organizers will be able to clearly identify external bots waiting in the meeting lobby. Instead of being automatically admitted, these bots will require explicit approval from the organizer, preventing unintentional access and ensuring a more secure meeting environment. “Organizers will be required to explicitly and separately admit these bots into the meeting, if really required,” Microsoft stated. “This approach will ensure that no one inadvertently accepts the external bots into the meeting, ensuring that the organizers have full control over the presence of these bots.”
The rise in readily available AI tools is fueling a surge in malicious bot activity. Thales reported that these bots are now responsible for 37% of all internet traffic, highlighting the scale of the problem. Even as bots used for legitimate purposes – such as transcription or note-taking within an organization – are generally considered low risk, the potential for abuse by malicious actors is significant.
The Growing Threat of Automated Bots
The increasing sophistication of bots poses a serious threat to online security. Cloudflare’s latest report indicates that automated traffic constitutes a substantial portion of overall internet activity, encompassing both benign and malicious automation. Cybercriminals are utilizing bots to hijack conversations, compromise communications, and ultimately steal sensitive company data.
This isn’t simply a theoretical concern. As remote and hybrid work models become increasingly common, reliance on platforms like Microsoft Teams for sensitive discussions and data sharing has grown. This makes Teams meetings a prime target for attackers seeking to intercept confidential information or disrupt business operations.
How the New Feature Will Work
The new Teams feature aims to address this vulnerability by introducing a layer of scrutiny to the meeting entry process. When an external bot attempts to join a meeting, organizers will receive a clear visual indication in the lobby. They will then be required to individually approve the bot’s admission, rather than allowing it to join automatically with other participants. This deliberate step is designed to prevent accidental or unauthorized access.
The feature will be enabled by default, requiring no specific configuration changes from administrators, according to the Microsoft 365 Roadmap. This ease of implementation should facilitate widespread adoption and maximize its security benefits.
Beyond Teams: A Broader Trend in Bot Mitigation
Microsoft’s move to enhance bot security in Teams reflects a broader industry trend. Organizations are increasingly focused on developing tools and strategies to detect and mitigate the risks posed by malicious bots. This includes implementing advanced bot detection technologies, strengthening authentication protocols, and educating users about the potential threats.
Microsoft is also working on improvements to how bots respond within Teams. Recent updates, as noted by Handsontek, allow custom engine agents and Teams bots to stream responses, providing a more dynamic and responsive user experience. This feature, rolled out between mid-November and late-December 2024, enhances usability while also potentially offering opportunities for improved security monitoring.
Looking ahead, the ongoing evolution of AI and automation will undoubtedly continue to drive innovation in both bot technology and bot security. Microsoft’s proactive approach to addressing these challenges demonstrates a commitment to providing a secure and reliable collaboration platform for its users.
What are your thoughts on the new Teams bot identification feature? Share your comments below and let us know how you think this will impact meeting security.
