Microsoft mistake blows up admins’ inboxes with fake malware alerts

August 26, 2024 at 03:56PM

Microsoft administrators faced a challenging Monday after being inundated with false malware reports, leading to legitimate emails being quarantined. Microsoft’s 365 Service Center issued an alert on Xitter, acknowledging an issue with malware detection. A mitigation is in progress, but admins may need to manually unblock emails due to the volume of material affected. The issue is still being resolved.

Key takeaways from the article:

– Many administrators encountered difficulties due to receiving false malware reports from Microsoft, resulting in a surge of spam on Monday.
– The Microsoft 365 Service Center issued an alert on Xitter without sending the customary 365 Service Alert email, leading to user complaints.
– Users identified the issue on Reddit before Microsoft officially alerted customers.
– Microsoft acknowledged an issue with email messages being incorrectly flagged as malware and quarantined, providing further information in the admin center under EX873252.
– A mitigation has been implemented to unblock legitimate emails mistakenly quarantined, with ongoing replays of impacted emails.
– Administrators may need to manually unblock legitimate emails due to the volume of material and the need to prevent actual malware from passing through, potentially causing delays.
– The original EX873252 article has been taken down, although it remains accessible.
– The issue began around 0900 ET (1300 UTC), prompting an alert from Britain’s National Health Service several hours later. Microsoft has indicated that they are working on resolving the problem.
– While the flood of false positives has reportedly decreased, the issue is not fully resolved.
– An amateur sysadmin suggests the problem may be related to Microsoft Defender Threat Explorer and the PowerShell Get-QuarantineMessage cmdlet.
– Further updates will be provided when a formal statement is issued by Microsoft.
