Microsoft 365 Alert – Service Degradation – Exchange Online – Admins’ Microsoft Purview Data Loss Prevention (DLP) policies containing two specific predicates may not be enforced – RESOLVED

02/10/2023 08:30:00 AM (GMT)

NHSmail Reference : INC38619263

Microsoft Reference : EX678417

Issue Status : RESOLVED

Issue Description : Admins’ Microsoft Purview Data Loss Prevention (DLP) policies containing two specific predicates may not be enforced.

More info : This problem manifests only after modifying or creating DLP policies containing the “DocumentContainsWords” and “DocumentMatchesPatterns” predicates after this issue was introduced on approximately Monday, September 18, 2023, at 12:00 AM UTC. We recommend that customers refrain from modifying existing policies containing these predicates until we”ve addressed this problem to ensure proper DLP policy enforcement.

Final Update : 04/10/2023 09:35:00 AM – The code fix deployment has finished for the remainder of the affected environment, completely remediating impact.

Scope of impact : This issue may affect any admin”s DLP policies containing the “DocumentContainsWords” and “DocumentMatchesPatterns” predicates that have been modified or created since approximately Monday, September 18, 2023, at 12:00 AM UTC..

Root cause : A code regression introduced in a recent Exchange Online Protection service update may be preventing DLP policies containing the “DocumentContainsWords” and “DocumentMatchesPatterns” predicates from being properly enforced if the policy has been modified or created after the update was implemented..

Next steps : Microsoft are reviewing and improving their code change validation process to prevent similar DLP policy code regressions from causing impact in the future.