Microsoft: DNS issue blocks delivery of Exchange Online OTP codes

Recipients may receive a single-use access code via a separate email to open an encrypted message in Gmail, Yahoo, or other email clients without a Microsoft 365 subscription. In recent years, Microsoft has had to address outages and incidents caused by DNS issues, including one in August 2023 that was triggered by a misconfigured DNS SPF record, resulting in worldwide Hotmail email delivery failures. "Some users expecting to receive OTP email messages for encrypted email messages in Exchange Online may be impacted," Microsoft said. In a previous update regarding this incident, Microsoft noted that the OTP delivery problems are due to the removal of DNS records for the domain that generates access codes for encrypted messages. Microsoft is working to fix a DNS misconfiguration that is causing one-time passcode (OTP) message delivery failures in Exchange Online for some users. While Microsoft has yet to provide detailed information about the extent of the incident, the company has identified it as a critical service issue in the Microsoft 365 admin center, indicating that it has a significant impact on users. "DNS records for the domain that provides OTP email messages to encrypted messages became misconfigured, which is causing impact. In February, Microsoft resolved a widespread issue causing Entra ID DNS authentication failures, which were triggered by a DNS change that resulted in DNS resolution failures for the autologon.microsoftazuread.sso.com domain. However, as the company explains in a new service alert published in the admin center, some users may not receive OTP emails because of a known Domain Name System (DNS) record misconfiguration. It also added that the known issue specifically affects users who have a process set up to perform DNS checks on incoming email messages. Two years earlier, in April 2021, a code defect was responsible for a global outage that affected many Microsoft servicesdue to overloaded Azure DNS servers. This OTP message allows them to view the encrypted email on the Office 365 Message Encryption portal.

This Cyber News was published on www.bleepingcomputer.com. Publication date: Wed, 02 Jul 2025 12:25:22 +0000

Cyber News related to Microsoft: DNS issue blocks delivery of Exchange Online OTP codes

How to Prevent DNS Attacks: DNS Security Best Practices - To protect against attack, best practices must be applied to protect the DNS protocol, the server on which the DNS protocol runs, and all access to the DNS processes. Implementing these best practices will not only protect DNS but also network ...
1 year ago Esecurityplanet.com

Microsoft: DNS issue blocks delivery of Exchange Online OTP codes - Recipients may receive a single-use access code via a separate email to open an encrypted message in Gmail, Yahoo, or other email clients without a Microsoft 365 subscription. In recent years, Microsoft has had to address outages and incidents ...
1 month ago Bleepingcomputer.com

Microsoft: Exchange 2016 and 2019 reach end of support in six months - This week's warning comes after Microsoft reminded IT admins in January that Exchange Server 2016 and Exchange Server 2019 will no longer receive technical support starting in October. The Exchange Server Engineering Team also shared guidance for ...
3 months ago Bleepingcomputer.com

The ticking time bomb of Microsoft Exchange Server 2013 - This is, of course, a common issue since 2021 or so, due to Exchange Server security woes- however there has been an abnormally high increase in the past few months, making me think there was some kind of Exchange Server zero day perhaps. In my own ...
1 year ago Doublepulsar.com

CVE-2025-46712 - Erlang/OTP is a set of libraries for the Erlang programming language. In versions prior to OTP-27.3.4 (for OTP-27), OTP-26.2.5.12 (for OTP-26), and OTP-25.3.2.21 (for OTP-25), Erlang/OTP SSH fails to enforce strict KEX handshake hardening measures by ...
3 months ago

Microsoft: Exchange Server Subscription Edition now available - As the company explained, the Exchange Server SE RTM build released this week can be installed as a cumulative update (CU) on servers running Exchange Server 2019 CU15 or CU14, and it can also be joined to existing Exchange Server 2019 or Exchange ...
1 month ago Bleepingcomputer.com

DNS Tunneling Abuse Expands to Tracking & Scanning Victims - Attackers are taking malicious manipulation of DNS traffic to the next level, abusing DNS tunneling to scan a victim's network infrastructure as well as track victims' online behavior. Researchers from Palo Alto Networks' Unit 42 have identified ...
1 year ago Darkreading.com

Teaching Digital Literacy and Online Safety - It is crucial for educators to prioritize teaching online safety to ensure that students are equipped with the necessary skills to protect themselves online. This article aims to explore the importance of teaching digital literacy and online safety, ...
1 year ago Securityzap.com

Using Passive DNS To Trace Command And Control Infrastructure - When a security team discovers a suspicious domain or IP address, passive DNS allows them to trace its historical connections and uncover the broader infrastructure used by the threat actor. Finally, security teams should combine passive DNS ...
3 months ago Cybersecuritynews.com Hunters

Here's How To Steer Clear Of QR Code Hacking - QR codes, present for years and widely embraced during COVID-19, offer great benefits. Cybercriminals exploit them, creating malicious QR codes to unlawfully access your personal and financial data. These tampered codes pose a threat, potentially ...
1 year ago Cysecurity.news

Payoneer accounts in Argentina hacked in 2FA bypass attacks - Numerous Payoneer users in Argentina report waking up to find that their 2FA-protected accounts were hacked and funds stolen after receiving SMS OTP codes while they were sleeping. Payoneer is a financial services platform providing online money ...
1 year ago Bleepingcomputer.com

Attacks abuse Microsoft DHCP to spoof DNS records The Register - A series of attacks against Microsoft Active Directory domains could allow miscreants to spoof DNS records, compromise Active Directory and steal all the secrets it stores, according to Akamai security researchers. We're told the attacks - which are ...
1 year ago Go.theregister.com

Microsoft Incident Response lessons on preventing cloud identity compromise - Microsoft Incident Response is often engaged in cases where organizations have lost control of their Microsoft Entra ID tenant, due to a combination of misconfiguration, administrative oversight, exclusions to security policies, or insufficient ...
1 year ago Microsoft.com

Understanding DNS Zones: A Comprehensive Guide - DNS stands for Domain Name System, and it is one of the most important components of the Internet. It is a network of servers that coordinates the registration, updating and resolution of domain names, so that users can easily access websites and ...
2 years ago Heimdalsecurity.com

Hackers use DNS tunneling for network scanning, tracking victims - Threat actors are using Domain Name System tunneling to track when their targets open phishing emails and click on malicious links, and to scan networks for potential vulnerabilities. DNS tunneling is the encoding of data or commands that are sent ...
1 year ago Bleepingcomputer.com

Cybersecurity for Homeschooling Parents: A Guide - With the increased reliance on technology and online tools, homeschooling parents must also address the pressing issue of cybersecurity. Whether it's securing tech tools, teaching safe online practices, or accessing valuable resources, this guide ...
1 year ago Securityzap.com

Role of Parents in Teaching Online Safety - In today's digital landscape, where children are increasingly exposed to the vast world of the internet, the role of parents in teaching online safety has become paramount. Parents should have regular conversations with their kids about the ...
1 year ago Securityzap.com

Top Characteristics of a QR Code Phishing Email - As campaigns using QR codes grow in size and complexity it is important to track not just the QR codes themselves, but also the context of the emails delivering the QR codes. Others use images embedded in the email or QR codes rendered from external ...
1 year ago Securityboulevard.com

Microsoft Exchange 2019 has reached end of mainstream support - Microsoft announced the end of mainstream support for its Exchange Server 2019 on-premises mail server software on January 9, 2023. Starting today, the company says it will no longer accept requests for bug fixes and Design Change Requests, but it ...
1 year ago Bleepingcomputer.com

Microsoft Exchange Server Flaw Exploited as a Zero-Day Bug - Microsoft has identified one of the critical vulnerabilities in Exchange Server that the company disclosed in February's Patch Tuesday update as actually being a zero-day threat that attackers are already actively exploiting. CVE-2024-21410 is an ...
1 year ago Darkreading.com CVE-2024-21410 CVE-2024-2140 CVE-2024-21412 CVE-2024-21351 Fancy Bear

Customer compliance and security during the post-quantum cryptographic migration | AWS Security Blog - For example, using the s2n-tls client built with AWS-LC (which supports the quantum-resistant KEMs), you could try connecting to a Secrets Manager endpoint by using a post-quantum TLS policy (for example, PQ-TLS-1-2-2023-12-15) and observe the PQ ...
10 months ago Aws.amazon.com

Microsoft tests Windows 11 encrypted DNS server auto-discovery - Microsoft is testing support for the Discovery of Network-designated Resolvers internet standard, which enables automated client-side discovery of encrypted DNS servers on local area networks. Without DNR support, users must manually enter the info ...
1 year ago Bleepingcomputer.com

9 Best DDoS Protection Service Providers for 2024 - eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. One of the most powerful defenses an organization can employ against distributed ...
1 year ago Esecurityplanet.com

What to do when receiving unprompted MFA OTP codes - Receiving an unprompted one-time passcode sent as an email or text should be a cause for concern as it likely means your credentials have been stolen. One of the initial components of a cyberattack is the theft of legitimate credentials to corporate ...
1 year ago Bleepingcomputer.com

CVE-2024-7829 - ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, ...
11 months ago