MC1191918 - Microsoft Purview | Information Protection – Email attachment preview in Activity explorer
Service
Published
Tag
Platforms
Summary
Microsoft Purview Information Protection will enable admins to preview email attachments flagged for sensitive data directly in Activity explorer for Exchange Online, improving incident investigation without downloading emails. The feature rolls out from December 2025 to January 2026, is enabled by default, and requires no action.
More information
Introduction
We’re enhancing Microsoft Purview | Information Protection by adding the ability to preview email attachments directly in Activity explorer for Exchange Online. Previously, only the message body was viewable, limiting visibility into flagged sensitive content. This update helps admins quickly investigate incidents without downloading emails, improving efficiency and security.
This message is associated with Roadmap ID 527834.
When this will happen:
- Public Preview: Rollout begins early December 2025 and completes by mid-December 2025.
- General Availability (Worldwide): Rollout begins mid-January 2026 and completes by late January 2026.
How this affects your organization:
Who is affected: Admins managing Exchange Online and using Activity explorer in Microsoft Purview.
What will happen:
- Admins can preview email attachments flagged for sensitive data directly in Activity explorer.
- No need to download emails for investigation.
- Feature is enabled by default; no configuration changes required.
- Existing DLP (data loss prevention) and Information Protection policies remain unchanged.
What you can do to prepare:
- No action is required; the feature will be available automatically after rollout.
- Optional: Communicate this update to your security and compliance teams.
Compliance considerations:
No compliance considerations identified; review as appropriate for your organization.