Back to Announcements

Microsoft 365 Alert – Service Degradation – Exchange Online – Some admins or users may be unable to access multiple Microsoft 365 services – ONGOING

Announcements Arpan Das

22/10/2025 09:28:00 AM

NHSmail Reference: INC46662501

Microsoft Reference: MO1176905

Issue Status: ONGOING

Issue Description: Admins or users may be unable to access multiple Microsoft 365 services.

More info: This specifically impacts Microsoft 365 services that have the SecurityEnabled property changed to False by the Group Configuration Processor.

While we work on deploying our fix to update the SecurityEnabled property from False to True, admins can run the following cmdlets to mitigate the impact.

1. Connect to Exchange Online PowerShell with “Connect-ExchangeOnline”.

Reference: https://learn.microsoft.com/en-us/powershell/exchange/connect-to-exchange-online-powershell?view=exchange-ps

2. Run Search-UnifiedAuditLog and retrieve audit logs:

$AuditLog = Search-UnifiedAuditLog -Operations “Update group” -StartDate (Get-Date).AddDays(-30) -EndDate (Get-Date) -ResultSize 5000

3. Filter logs matching the issue and replace “Group_” in ObjectID:

$GroupID = $AuditLog | % {ConvertFrom-Json $_.AuditData} | ? {($_.Actor -match “Group Configuration Processor”) -and ($_.ModifiedProperties -match “SecurityEnabled”)} | % {$_.ObjectId -replace “^.*Group_”, “”}

* Because ObjectID from UnifiedAuditLog starts with “Group_”, it cannot be used directly with Get-UnifiedGroup.

4. You can verify each group info to see which ones were affected with the following command:

$GroupID | Get-UnifiedGroup -ResultSize Unlimited

5. Connect to Microsoft Graph PowerShell with Connect-MgGraph -Scope “Group.ReadWrite.All”.

Reference: https://learn.microsoft.com/en-us/powershell/microsoftgraph/authentication-commands?view=graph-powershell-1.0

6. Update SecurityEnabled to True:

$GroupID | % {Update-MgGroup -GroupId $_ -BodyParameter @{SecurityEnabled = $true}}

Current Update: 17/11/2025 08:46:00 AM Microsoft have developed the aforementioned fix to address the impact. They are now conducting a validation and testing process to ensure the effectiveness of the fix prior to deploying it to the affected infrastructure. They expect to share an estimated deployment time line by their next scheduled update.

Scope of impact: Any admin or users attempting to access any Microsoft 365 services with the Microsoft 365 Group SecurityEnabled set to false may be impacted.

Next update by: Friday, November 21, 2025, at 3:30 PM UTC

back to top