Original Article Text


Microsoft: Exchange Online bug mistakenly quarantines user emails

Microsoft is investigating an Exchange Online bug causing anti-spam systems to mistakenly quarantine some users' emails.

According to a new incident report added to the Microsoft 365 Admin Center, the email issues started almost five hours ago, at 10:11 UTC.

While the company has yet to share what regions are impacted, this Exchange Online incident has been tagged as a critical service issue tracked under EX1038119 on the Microsoft 365 admin center.

"Specific URLs are being miscategorised and quarantined by our anti-spam systems, causing impact," said Microsoft describing the root cause. "Some users' Exchange Online email messages may be unexpectedly quarantined."

"Efforts to alleviate impact by adding the affected URLs to the appropriate allow list have so far been unsuccessful. We're attempting to manually correct affected email message locations to remediate impact while we review for more offending URLs," the company added.

Redmond's engineers are also tracking a separate incident (EX1038200) preventing users and admins from accessing the 'Review' page under the Email and Collaboration section in the Security portal.

Customers have been reporting experiencing similar problems over the last two days, including having issues accessing the Quarantine Review page when using Microsoft Defender for 365 for email protection and being unable to release emails from quarantine.

"The 'Review' page under the Email and Collaboration section in the Security portal is not accessible, displaying a blank page and not loading any data," Redmond explains. "We're reviewing diagnostic data from our telemetry to understand the underlying root cause of the issue and to formulate a mitigation plan."

In August 2024, Microsoft resolved another Exchange Online false positive that erroneously tagged emails containing images as malicious and sent them to quarantine.

More recently, Microsoft also mitigated an outage earlier this week that blocked Outlook on the web users from accessing their Exchange Online mailboxes and addressed a week-long Exchange Online outage that caused delays or failures when sending or receiving emails.

Daily Brief Summary

MISCELLANEOUS // Microsoft Exchange Glitch Wrongly Quarantines Emails

Microsoft is addressing an Exchange Online bug that has caused some user emails to be wrongly flagged by anti-spam systems and quarantined.

The issue, identified as critical, began nearly five hours prior to the report and is being tracked under the incident code EX1038119.

This problem involves specific URLs being incorrectly categorized by Microsoft's anti-spam tools, affecting email delivery.

Efforts to fix the issue by whitelisting the implicated URLs failed, leading Microsoft to attempt a manual correction of the affected messages.

A separate related issue, coded EX1038200, affects access to the 'Review' page in the Email and Collaboration section of the Security portal, hindering the management of quarantined emails.

Microsoft's engineers are conducting a review of diagnostic telemetry to understand and mitigate the root causes of these issues.

These incidents add to a series of recent challenges for Exchange Online, including a previous false positive issue and multiple outages affecting email access and delivery.