Microsoft 365 Alert – Service Degradation – Microsoft Defender XDR – Some users may be unable to use unused OAuth app policies in App Governance – ONGOING

19/05/2026 09:15:00 AM

NHSmail Reference: INC46829911

Microsoft Reference: DZ1314603

Issue Status: ONGOING

Issue Description: Users may be unable to use unused OAuth app policies in App Governance.

More info: Affected users may notice policy evaluation has been temporarily suspended, meaning alerts won’t be generated and governance actions such as app disablement won’t occur. Existing policy configurations remain unchanged and will resume once normal operation is restored.

Current Update: 08/06/2026 08:51:00 AM –Microsoft has successfully validated the fix and started deploying to the affected environments. They are expecting the deployment to complete by Friday, June 12, 2026.

Scope of impact: Your organization is affected by this event, and any users with unused OAuth app policies configured in App Governance may be impacted.

Root cause: A pre-existing code issue within the service, related to how “last used” data is calculated, was triggered under specific conditions, which is resulting in data inconsistencies

Next update by: Friday, June 12, 2026, at 12:30 PM UTC