Microsoft 365 Alert – Service Degradation –Microsoft Defender XDR – Users may experience failures in some of Microsoft Defender for Endpoint response capabilities – RESOLVED
15/01/2024 09:02:00 AM
NHSmail Reference: INC48046701
Microsoft Reference: DZ979902
Issue Status: RESOLVED
Issue Description: Users may experience failures in some of Microsoft Defender for Endpoint response capabilities
More info: The impacted capabilities include security intelligence updates, forensics collection, download file, and live response analysis.
In addition, Defender Experts operations are also experiencing degradation and limited operations. Efforts to restore all impacted services are in progress. Defender Experts will resume full operations once the restoration is complete.
Final Update: 16/01/2024 08:52:00 AM – Microsoft have successfully reverted the aforementioned service change, applied an update to address the misconfiguration and re-imaged the affected infrastructure, and confirmed following a monitoring period that impact has been remediated.
Scope of impact: All users serviced by the affected infrastructure may be impacted by this event and experience failures in some of Microsoft Defender for Endpoint response capabilities.
Root cause: A planned Microsoft Defender Cloud Protection service upgrade designed to improve performance included a misconfiguration, leading to impact.
Next Steps: Microsoft are reviewing upcoming scheduled service updates for similar issues to reduce or avoid reoccurrence of impact in the future.