Microsoft 365 Alert – Service Degradation – Microsoft Defender XDR – Some users may be unable to use unused OAuth app policies in App Governance – ONGOING

19/05/2026 09:15:00 AM

NHSmail Reference: INC46829911

Microsoft Reference: DZ1314603

Issue Status: ONGOING

Issue Description: Users may be unable to use unused OAuth app policies in App Governance.

More info: Affected users may notice policy evaluation has been temporarily suspended, meaning alerts won’t be generated and governance actions such as app disablement won’t occur. Existing policy configurations remain unchanged and will resume once normal operation is restored.

Current Update: 29/06/2026 08:46:00 AM – Microsoft are continuing to expect the secondary fix to be fully deployed by Friday, July 10, 2026.

Scope of impact: Your organization is affected by this event, and any users with unused OAuth app policies configured in App Governance may be impacted.

Root cause: A pre-existing code issue within the service, related to how “last used” data is calculated, was triggered under specific conditions, which is resulting in data inconsistencies

Next update by: Friday, July 10, 2026, at 12:30 PM UTC