In Winter '25, the Sales Engagement Basic User permission set no longer includes access to Einstein Activity Capture. Assign the Standard Einstein Activity Capture permission set to users who currently have access to Einstein Activity Capture through the Sales Engagement Basic User permission set or a clone.

No impact

If you’re syncing leads from LinkedIn Lead Forms to Salesforce, you must manually disconnect your LinkedIn account, reconfigure the feature by enabling a new setting, and then reconnect your account. Otherwise, LinkedIn leads will stop syncing when LinkedIn retires their legacy Ads Lead Sync APIs on December 16, 2024. This update is available starting in Winter ’25.

No impact

When you update an order product, the New Order Save Behavior uses custom application logic to update the parent order. Custom application logic consists of validation rules, apex triggers and classes, workflow rules, and flows. You can choose to enable or disable this feature. However, we recommend that you enable it. Starting Winter ‘25, this feature is enabled by default for new customer orgs. Previously, users needed additional customizations to enforce custom applications on orders and order products. Also, Salesforce didn’t correctly evaluate custom application logic on the parent record.

No impact

To help protect your org from cross-site scripting and other code injection attacks, Salesforce updated the delivered CSP directivesfor Lightning pages. This change can prevent externally hosted fonts and images from loading. It can also prevent external websites from loading within an iframe on your Lightning pages. To prepare for this change, review the impact and update your trusted URLs. This update is available starting in Summer ’24.

No impact

After Winter ’25, to comply with increased email security standards, orgs are required to create and verify a Default No-reply address in Organization-Wide Email Address settings.

No impact

To follow recommended security standards, use the new credentials Connect REST API resource instead of Metadata API to access External Client App OAuth consumer credentials.

No impact

When this update is enabled, an auto-launched flow that runs in the default context enforces sharing rules when an Apex class launches the flow. To enforce sharing, the Apex class must be declared using the sharing keyword.

No impact

With this update, only users with the View Roles and Role Hierarchy permission can see or select from your organization’s list of roles when they edit public list view visibility. This update is available starting in Spring ’24.

No impact

With this update enabled, Salesforce restricts a user’s ability to run a flow. A user must be granted the correct profile or permission set to run the flow. When enabled, this release update deprecates the FlowSites license. With this update, flows run more securely because only users who are granted correct profiles or permission sets can run flows.

No impact

Unlock a richer and more user-friendly experience with the new Lightning Article Editor. With Article Personalization, your knowledge content is tailored to your business needs and unlocks agent productivity.

No impact

To protect your users and network, apply stricter validation to the flow URL parameter that determines where you redirect users after they complete a screen flow. With stricter validation, Salesforce blocks requests to redirect users to URLs that don’t meet the additional validation requirements unless they’re on your list of trusted URLs in Setup. When Salesforce blocks a request, users see an invalid-page redirection error. This update is available starting in Spring ‘25.

No impact

After Spring ’25, to comply with increased email security standards, you’re required to verify the Email Address in My Email Settings.

No impact

As part of the Salesforce internal migration from Aura to LWC, more modals in Lightning Experience now render using LWC. This update provides improved performance, especially when working with a large number of fields on a record create or edit modal. You can now also use Dynamic Forms in a modal that's opened from a Create from Lookup field on most LWC-enabled record pages. When you enable this update, you can expect minor changes to modal behavior. This update is available starting in Summer ’24 and will be enforced in Spring '25.

No impact

This update enables permission requirements to be enforced for file-based Apex classes that are used as inputs for Apex actions. It also guarantees that the affected Apex action operates within the current component context. Currently, Apex actions rely on the previous component context. This behavior leads to failed flow interviews when the flow includes an Apex action that contains a file-based Apex class with permission requirements as input.

No impact

This update enables Apex batch action results to be displayed in the order the requests are received. Currently, error-prone requests are prioritized at the top of the result list, while successful ones are positioned at the bottom.

No impact

This release update adds a new intelligenceSignals flow input parameter that contains detected conversation intelligence signals. Use this Apex-defined input parameter for your Recommendation Strategy and autolaunched flows linked to a Conversation Intelligence rule. This update is available starting in Summer ’24.

No impact

Switch to a single domain certificate if you’re using a shared domain certificate for your Salesforce content delivery network (CDN). To comply with the latest security updates, we’re retiring shared domain certificates. When this change is enforced, shared domain certificates are updated to non-HTTPS, which isn’t as secure as the single domain certificate. This update is available now and enforced in Spring ‘25.

No impact