CyberSecurityBoard
Sponsor Register Login

Microsoft Attributes Recent Microsoft 365 Outage to Authentication Token Failure

Microsoft confirmed a significant outage affecting its Microsoft 365 suite on March 3, 2025, linking the disruption to a critical failure in its authentication token system. While Microsoft assured users no data was compromised, the outage highlighted dependencies on centralized authentication systems without fallback protocols. We've detected a potential authentication token issue that may be contributing to impact, and we're further examining this pathway to determine our next troubleshooting steps. We're investigating an issue impacting Microsoft Teams-provisioned auto attendants and call queues. Microsoft identified the root cause as a breakdown in the silent token refresh mechanism, a core component of its identity management framework. Cyber Security News is a Dedicated News Platform For Cyber News, Cyber Attack News, Hacking News & Vulnerability Analysis. We've identified a recent change that inadvertently caused impact to auto attendant and call queues. Authentication tokens, which validate user identities without requiring repeated logins, failed to renew automatically due to unresponsive regional servers. Microsoft’s Incident MO1022159 noted the problem originated in Canada, where routing issues with local ISPs like Rogers exacerbated the outage. For more details, please see TM1022107 in the Microsoft 365 admin center. Services resumed fully by 2:20 AM, but the outage underscores cloud infrastructure’s vulnerability to authentication bottlenecks. The incident, which impacted users across Canada and parts of the U.S. for nearly three hours, prevented access to Outlook, Teams, and OneDrive. Additional information can be found in the admin center under TM1022107. Administrators temporarily mitigated the issue by clearing cached tokens or restarting the Click-to-Run service—a stopgap solution discussed in Reddit threads. Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. This triggered a large amount of authentication errors, locking users out of cloud-based applications.

This Cyber News was published on cybersecuritynews.com. Publication date: Tue, 04 Mar 2025 06:55:03 +0000


Cyber News related to Microsoft Attributes Recent Microsoft 365 Outage to Authentication Token Failure

CVE-2022-48826 - In the Linux kernel, the following vulnerability has been resolved: ...
6 months ago
Veeam adds BaaS capabilities for Veeam Backup for Microsoft 365 - Veeam Software has expanded its relationship with Microsoft. Veeam is making it easier for customers to protect Microsoft 365 with Cirrus by Veeam which brings the ease and flexibility of Backup-as-a-Service for Microsoft 365. Utilizing the power and ...
1 year ago Helpnetsecurity.com
Microsoft Attributes Recent Microsoft 365 Outage to Authentication Token Failure - Microsoft confirmed a significant outage affecting its Microsoft 365 suite on March 3, 2025, linking the disruption to a critical failure in its authentication token system. While Microsoft assured users no data was compromised, the outage ...
3 months ago Cybersecuritynews.com
Microsoft links recent Microsoft 365 outage to buggy update - While Microsoft resolved the Microsoft 365 authentication problems over the weekend, another advisory published on the admin center states that Exchange Online users still have issues accessing their calendar entries and email messages using the iOS ...
3 months ago Bleepingcomputer.com
New Microsoft 365 outage impacts Teams and other services - In a service alert (MO1068615) in the Microsoft 365 admin center, the company says impacted services include but are not limited to Microsoft Teams, adding that the most likely cause could be a faulty routing configuration for its Azure ...
1 month ago Bleepingcomputer.com
New Microsoft Incident Response guides help security teams analyze suspicious activity - Today Microsoft Incident Response are proud to introduce two one-page guides to help security teams investigate suspicious activity in Microsoft 365 and Microsoft Entra. These guides contain the artifacts that Microsoft Incident Response hunts for ...
1 year ago Microsoft.com
From Implicit to Authorization Code With PKCE, BFF - Lack of Refresh Token Support occurs when there are no refresh tokens, and frequent requests for new tokens are necessary, increasing the chances of token leakage and misuse. The Implicit Flow had several security vulnerabilities, such as token ...
11 months ago Feeds.dzone.com
Microsoft: Licensing issue blocks Microsoft 365 Family for some users - Microsoft is investigating a potential licensing issue blocking access to Microsoft 365 services for some customers with Family subscriptions. After a massive wave of user reports on social media and the company's community website, Microsoft ...
2 months ago Bleepingcomputer.com
Microsoft Incident Response lessons on preventing cloud identity compromise - Microsoft Incident Response is often engaged in cases where organizations have lost control of their Microsoft Entra ID tenant, due to a combination of misconfiguration, administrative oversight, exclusions to security policies, or insufficient ...
1 year ago Microsoft.com
Crypto Deception Unveiled: Check Point Research Reports Manipulation of Pool Liquidity Skyrockets Token Price by 22,000% - Deceptive actors are manipulating pool liquidity, sending token prices soaring by a shocking 22,000%. 80,000 Heist Unveiled: The manipulation of pool liquidity resulted in a swift and calculated theft of $80,000 from unsuspecting token holders. Check ...
1 year ago Blog.checkpoint.com
Microsoft 365 To Block Downloaded Excel XLL Add-Ins To Boost Security - Microsoft has recently announced that in order to help improve security, Microsoft 365 is now blocking the download of XLL add-ins for Excel on both Window PCs and Apple Macs. This new feature will be put into effect early 2021, affecting both Office ...
2 years ago Bleepingcomputer.com
Microsoft 365 Outage - Admins are Unable to Access the Microsoft 365 Admin Center - We’re routing traffic to alternate infrastructure as a potential mitigation,” Microsoft stated in the update, directing users to for more details or to follow incident ID MO1056087 if the Admin Center is accessible. We're investigating an ...
2 months ago Cybersecuritynews.com
Microsoft 365 Outage Takes Down Teams, Exchange Online and Outlook - Microsoft experienced an outage on Tuesday, October 20th which caused major disruption to its Microsoft 365 service. It affected Teams, Exchange Online, and Outlook users and caused difficulty related to email sending and receiving, authenticating, ...
2 years ago Bleepingcomputer.com
Microsoft: Office 2016 and Office 2019 reach end of support in October - You can also switch to Office 2024, a standalone Office version released in October 2024 for small businesses and consumers without a Microsoft 365 subscription. This version includes locked-in-time versions of Word, Excel, PowerPoint, ...
2 months ago Bleepingcomputer.com
Microsoft 365 Hit By Major Outage Impacting Teams, OneDrive, & SharePoint - The company has advised administrators and users to monitor the Microsoft 365 Admin Center for ongoing updates under the issue ID MO1068615. Users across various regions are currently experiencing significant disruptions to Microsoft 365 services, ...
1 month ago Cybersecuritynews.com
Microsoft fixes Outlook Desktop crashes when sending emails - Microsoft has fixed a known issue causing Outlook Desktop clients to crash when sending emails from Outlook.com accounts. These problems were first reported on Microsoft's community website and other social networks by customers saying they were ...
1 year ago Bleepingcomputer.com
New Microsoft 365 outage impacts Teams, causes call failures - Over the weekend, Microsoft said it addressed another Microsoft 365 outage that affected Outlook and Exchange Online authentication and caused Teams and Power Platform degraded functionality. Redmond linked this weekend's incident ...
3 months ago Bleepingcomputer.com
Microsoft fixes Entra ID authentication issue caused by DNS change - "Between 17:18 UTC and 18:35 UTC on 25 February 2025, customers attempting to authenticate with Microsoft Entra ID using the Seamless SSO and Microsoft Entra Connect Sync features may have experienced DNS resolution failures when trying to access ...
3 months ago Bleepingcomputer.com
Microsoft 365 Outage Caused by WAN Router IP Change - Recently, many users experienced an outage of Microsoft 365 services due to a WAN router IP change. The outage caused interruptions for some subscriptions, forcing users to wait for hours before accessing the services again. Users experienced ...
2 years ago Bleepingcomputer.com
CVE-2024-50022 - In the Linux kernel, the following vulnerability has been resolved: device-dax: correct pgoff align in dax_set_mapping() pgoff should be aligned using ALIGN_DOWN() instead of ALIGN(). Otherwise, vmf->address not aligned to fault_size will be aligned ...
8 months ago Tenable.com
Microsoft Attributes Recent Outage of Outlook Web to Code Error in Recent Update - The tech giant has attributed the issue to a problematic code change in a recent update, which left thousands of users unable to access their accounts and use essential communication tools. We’re working to revert the recent code change and ...
3 months ago Cybersecuritynews.com
​​Microsoft named as a Leader in three IDC MarketScapes for Modern Endpoint Security 2024 - With these security concerns top of mind, there is no surprise that in the last five years, the Modern Endpoint Security market has nearly tripled in size to defend against emerging, sophisticated, and persistent threats. Microsoft Defender for ...
1 year ago Techcommunity.microsoft.com
Passwordless Login: Effortless Authentication - Let's explore how passwordless login paves the way for seamless and secure user authentication, fostering trust and loyalty. The Password Dilemma Though conventional complex password-based authentication has long been a cornerstone of robust ...
1 year ago Feeds.dzone.com
CVE-2023-50713 - Speckle Server provides server, frontend, 3D viewer, and other JavaScript utilities for the Speckle 3D data platform. A vulnerability in versions prior to 2.17.6 affects users who: authorized an application which requested a 'token write' scope or, ...
1 year ago Tenable.com
Microsoft 365 Family Subscriptions Users Hit by Licensing Glitch Denies Services - The issue appears to be isolated to users with Microsoft 365 Family subscriptions, affecting their ability to access services like Word, Excel, PowerPoint, and OneDrive. Microsoft 365 Family subscribers are currently facing disruptions in accessing ...
2 months ago Cybersecuritynews.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)