Microsoft 365 Alert : Service Degradation – Microsoft 365 suite – Users attempting sign-in for Microsoft 365 desktop applications may be unable to and receive errors – RESOLVED

17/08/2022 05:19:00 AM (BST)

Issue Reported : 17/08/2022 05:19:00 AM BST

NHSMail Reference : INC31132188

Microsoft Reference : MO414814 

Issue Status : RESOLVED

Issue Description : Users may be unable to sign into Microsoft 365 desktop applications and encounter errors.

More info : This issue only affects Windows devices. Users on an affected Windows device may see a Microsoft 365 desktop application window either close abruptly or never open with no error message or pop-up displayed to the user. In other scenarios some users will see ‘Need Password’ or ‘There is a problem with your account’ due to the issue. Impacted users are unable to connect to the affected desktop app even after attempting to login via the credential prompt, performing an app restart, or a device restart.

Affected desktop client applications on Windows devices include the following:
– Microsoft Teams
– Microsoft Outlook
– OneDrive for Business
– Microsoft Excel
– Microsoft PowerPoint
– Microsoft Word
– Microsoft OneNote

Tenable/Nessus (a third-party provider) has published more information and customer guidance in partnership with our engineering teams on a fix for this issue. Please follow the instructions in this article to mitigate the impact caused by this incident:

https://community.tenable.com/s/article/Plugin-Updates-to-Address-Windows-Scan-Targets-being-left-unable-to-connect-to-Azure-Active-Directory-AAD

Microsoft has published a supplementary article detailing additional guidance that users may implement to resolve the issue for their affected users at scale or on a device-by-device basis:

https://docs.microsoft.com/en-us/microsoft-365/troubleshoot/authentication/unable-sign-in-m365-desktop-apps

Some affected customers have reported they are not running Tenable. However, in our investigation into this issue, impacted customers have been running the Tenable/Nessus plugin identified in the article. Tenable is a remote scanning tool that can be configured to run on your network for devices with Windows machines connected to Azure Active Directory (AAD). The Tenable plugin may not be present or discoverable on each endpoint.

If you think your organization has affected users, please contact your enterprise IT department to determine whether Tenable is in use. If, after investigating, your organization has confirmed that they are not using the affected Tenable plugin in your environment, then you are not impacted by this event. We recommend your organization follow existing support escalation paths, to address those concerns as an unrelated issue.

Scope of impact : The issue potentially impacted users who were attempting to sign into Microsoft 365 desktop applications and had the affected Tenable plugin running.

Final Update : 06/09/2022 13:48:00 PM – The Windows Troubleshooter fix has saturated across the affected environments, and organizations that have Windows Troubleshooter enabled are receiving the fix automatically. Organizations that have disabled Windows Troubleshooter either by Group policy or via Microsoft Endpoint Manager (MDM) will not receive the solution automatically and can resolve the issue by following the steps outlined in the “More info” section of this message. Microsoft understands the impact this issue has had on users in affected organizations and, in some scenarios, continues to have on some users. They encourage those users and admins for whom the remediation steps described above are not viable to reach out to Microsoft support for further assistance.

Root cause : A web account manager plugin that facilitates desktop application authentication becomes uninstalled on the affected user devices as an unintended side-effect, as described in the Tenable article linked above.

back to top