05-22-2021 , 04:18 PM
Quote:Microsoft is working on addressing an Office 365 issue that has resulted in legitimate emails sent from multiple domains (including Google and LinkedIn) getting tagged as malicious and quarantined.
"Users having multiple issues related to email flow, links within email messages and the Microsoft Defender portal," Microsoft says in the Microsoft 365 admin center.
"Some users see legitimate email quarantined/marked as malicious in Exchange Online Protection & Defender for Office 365."
Microsoft says the issue stems from an accidental block placed on valid and healthy domains, which resulted in legitimated emails inadvertently being quarantined.
Emailing scenarios directly impacted by this ongoing issue include but are not limited to:
Users may be unable to send or receive email from various domains. Some of the domains include Google and LinkedIn.
Users may notice legitimate messages are getting quarantined.
Users are unable to access links within emails as they're identified as risky.
Users may get blocked from sending emails, if their messages were incorrectly detected as spam or phish.
Admins might see delays in getting latest alert information and email information in Threat Explorer.
Microsoft Defender may be receiving a large amount of erroneous alerts, which could result in overall latency navigating within the Microsoft Defender portal.
Furthermore, Microsoft Defender for Office 365 and Microsoft 365 Defender users should expect to see additional impact including:
An increase in the number of URL-related alerts for non-malicious URLs.
An increase in the number of Zapped Phish AIR investigations within Microsoft Defender for Office
Legitimate Emails being marked as malicious within Threat Explorer.
Delays in getting the latest email information within Threat Explorer.
"We've ran commands to unblock the URLs, which will mitigate impact for all new email messages and links within email messages," the company added.
"We're working to release the email messages that were quarantined, as well as investigating options to restore the health of the Microsoft Defender portal."
Update 1: Microsoft has fixed the bug that led to legitimate emails getting quarantine and is working on releasing messages already quarantined by mistake.
Continue reading HERE