Microsoft 365 Alert – Service Degradation – Microsoft 365 Defender – Some users can’t access some applications when using Microsoft Defender for Endpoint – RESOLVED

27/10/2023 08:50:00 AM

NHSMail Reference: INC39149912

Microsoft Reference: DZ684542

Issue Status: RESOLVED

Issue Description: Some users can’t access some applications when using Microsoft Defender for Endpoint.

More info: Users that have updated to the most recent Microsoft Defender for Endpoint update are impacted by this event. Admins may be unable to access the expected level of granular controls.

Final Update: 06/11/2023 08:52:00 AM – Microsoft confirmed that their fix’s deployment was successfully restarted and has now completed. The fix is currently available in engine version 1.1.23100.2009, the most recent Microsoft Defender for Endpoint update, and users without an auto-update feature enabled will need to manually update to this version to receive the fix.

Scope of impact: Users serviced by the affected infrastructure attempting to open .txt, .pdf. and .msg files through shortcuts in OneDrive for Business.

Root cause: A latent code regression introduced with an engine update within the affected infrastructure causes an unexpected parsing behavior to occur in certain circumstances, which is resulting in impact.

Next steps: Microsoft are investigating how the code regression was missed during their update vetting procedures which will allow them to improve their pre-deployment testing processes and help prevent similar issue in the future.