23-09-2021 08:38:00 AM (BST)
Microsoft Reference : OD286672
NHSmail Reference : INC24011480
Issue Status: ONGOING
Issue Description: Users will see a frozen white screen when attempting to sign into the OneDrive for Business sync app.
More info: This issue might affect users who have the Microsoft Exploit Protection EAF (Export Address Filtering) feature enabled and have installed the September security updates.
This issue might affect users who have the Microsoft Exploit Protection EAF (Export Address Filtering) feature enabled and have installed the September security updates.
Microsoft confirmed that users with Mobile Device Management (MDM) enabled devices can add the following reg key as a workaround: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Policies\Microsoft\FeatureManagement\Overrides /v 2767781516 /t REG_DWORD /d 0 /f
Microsoft also confirmed with affected users that disabling Export Address Filtering (EAF) is a potential workaround to alleviate the impact. Admins who wish to do so can navigate to Windows Security > App & Browser Control > Exploit Protection Settings > Program Settings > OneDrive.exe > Turn off Export Address Filtering (EAF) and mitigate the impact.
Alternatively, this issue can be mitigated using Known Issue Rollback (KIR):
For enterprise-managed devices that have installed an affected update and encountered this issue, it can be mitigated by installing and configuring a special Group Policy installed via an MSI file available for:
– Windows 10, version 1809 and Windows Server 2019: https://download.microsoft.com/download/7/f/1/7f194890-eea9-4cad-b19f-25ab67e41bbe/Windows%2010%20(1903%20&%201909)%20Known%20Issue%20Rollback%20091721%2001.msi
– Windows 10, version 2004, Windows 10, version 20H2 and Windows 10, version 21H1: https://download.microsoft.com/download/7/f/1/7f194890-eea9-4cad-b19f-25ab67e41bbe/Windows%2010%20(2004%20,%2020H2%20and%2021H1)%20Known%20Issue%20Rollback%20091721%2001.msi
Note: Devices will need to be restarted after configuring the special Group Policy. For help, please see the following:
For general information on using Group Policies, see:
Please note that many Mobile Device Management (MDM) customers can’t deploy group policies. Customers unable to deploy group policy settings for the KIR should open support cases for further assistance.
Scope of impact: Any user may be prevented from signing into the OneDrive for Business sync app.
Current Update – 21/10/2021 11:50:00 AM: The fix has been deployed and is contained within the October Windows update. Users will need to initiate the update on their device to remediate the issue.