Microsoft Exchange Online email quarantine disruption
Service Disruption
Summary
Hide ▲
Show ▼
Microsoft's Exchange Online is facing an ongoing email delivery disruption that is quarantining legitimate messages and blocking some customers from sending or receiving mail. The issue began on February 5 and still matters because it interrupts everyday email flow for affected tenants. Microsoft says a new URL rule is misclassifying some messages and is working to release quarantined emails and unblock legitimate URLs.
Related Happenings
Microsoft Exchange CVE-2026-42897 mitigation advisory
Advisory/Mitigation
First: 15.05.2026 12:40
Last: 15.05.2026 12:40
Sources 1
About this happening:
**Microsoft** issued immediate mitigation guidance for **CVE-2026-42897**, reducing risk for **Exchange Server 2016, 2019, and Subscription Edition (SE)** on-premises servers that...
Microsoft Exchange CVE-2026-42897 mitigation advisory
Advisory/MitigationAbout this happening: **Microsoft** issued immediate mitigation guidance for **CVE-2026-42897**, reducing risk for **Exchange Server 2016, 2019, and Subscription Edition (SE)** on-premises servers that...
Latest development: 15.05.2026 15:35
Microsoft issued temporary mitigation guidance for CVE-2026-42897 while a patch is still in development, recommending the Exchange Emergency Mitigation (EM) Service, which is enabled by default and can be checked with the Exchange Health Checker script, or the Exchange On-premises Mitigation Tool (EOMT) for disconnected or air-gapped environments. Microsoft noted that the mitigations can disrupt features such as OWA Print Calendar and Inline images, and that servers older than March 2023 cannot receive new mitigations through EM Service.
Microsoft Exchange Server spoofing/XSS flaw under active exploitation (CVE-2026-42897)
Vulnerability
First: 15.05.2026 09:19
Last: 15.05.2026 09:19
Sources 1
About this happening:
**CVE-2026-42897** is an **actively exploited** **spoofing/XSS** flaw in **on-premises Microsoft Exchange Server** that can let attackers trigger **arbitrary JavaScript** in a bro...
Microsoft Exchange Server spoofing/XSS flaw under active exploitation (CVE-2026-42897)
VulnerabilityAbout this happening: **CVE-2026-42897** is an **actively exploited** **spoofing/XSS** flaw in **on-premises Microsoft Exchange Server** that can let attackers trigger **arbitrary JavaScript** in a bro...
Microsoft Exchange Online blocks legacy TLS for POP3 and IMAP4 starting July 2026
Security Tool/Service
First: 28.04.2026 16:18
Last: 28.04.2026 16:18
Sources 1
About this happening:
**Microsoft** will block **TLS 1.0** and **TLS 1.1** for **POP3/IMAP4** access to **Exchange Online** in **July 2026**, which could break legacy mail clients and embedded devices...
Microsoft Exchange Online blocks legacy TLS for POP3 and IMAP4 starting July 2026
Security Tool/ServiceAbout this happening: **Microsoft** will block **TLS 1.0** and **TLS 1.1** for **POP3/IMAP4** access to **Exchange Online** in **July 2026**, which could break legacy mail clients and embedded devices...
Microsoft Outlook.com outage causing sign-in failures
Service Disruption
First: 27.04.2026 15:03
Last: 27.04.2026 15:03
Sources 1
About this happening:
Microsoft's **Outlook.com** is experiencing an **ongoing outage** that is blocking sign-ins and mailbox access, leaving some customers unable to use email normally. The disruption...
Microsoft Outlook.com outage causing sign-in failures
Service DisruptionAbout this happening: Microsoft's **Outlook.com** is experiencing an **ongoing outage** that is blocking sign-ins and mailbox access, leaving some customers unable to use email normally. The disruption...
Microsoft Edge regression disrupts Teams meeting joins
Service Disruption
First: 23.04.2026 16:18
Last: 23.04.2026 16:18
Sources 1
About this happening:
A **Microsoft Edge** regression is preventing some **Windows** users from joining **Microsoft Teams** meetings, causing a limited-scope access disruption for scheduled and link-ba...
Microsoft Edge regression disrupts Teams meeting joins
Service DisruptionAbout this happening: A **Microsoft Edge** regression is preventing some **Windows** users from joining **Microsoft Teams** meetings, causing a limited-scope access disruption for scheduled and link-ba...
Timeline
-
18.02.2026 18:26 1 articles · 3mo ago
Microsoft publishes Exchange Online root-cause analysis
Technical Analysis UpdateMicrosoft’s preliminary post-incident report for Exchange Online says a logic error in heuristic detection aimed at novel credential phishing campaigns misclassified thousands of legitimate URLs as phishing links, quarantined legitimate emails, blocked links in Microsoft Teams messages, and generated false-positive XDR alerts during the February 5-12 incident window.
Show sources
- Microsoft: Anti-phishing rules mistakenly blocked emails, Teams messages — www.bleepingcomputer.com — 18.02.2026 18:26
-
09.02.2026 12:47 1 articles · 3mo ago
Exchange Online mail filtering disruption begins
Untyped PhaseMicrosoft Exchange Online customers begin experiencing an email delivery disruption in which legitimate messages are incorrectly marked as phish and quarantined, preventing some users from sending or receiving email.
Show sources
- Microsoft: Exchange Online flags legitimate emails as phishing — www.bleepingcomputer.com — 09.02.2026 12:47
-
09.02.2026 12:47 2 articles · 3mo ago
Microsoft acknowledges Exchange Online quarantine bug
Initial DisclosureMicrosoft says legitimate email messages are being marked as phish and quarantined in Exchange Online, explains that an updated URL rule is incorrectly flagging legitimate URLs as malicious, and says it is working to release quarantined messages and unblock legitimate URLs for affected customers.
Show sources
- Microsoft: Exchange Online flags legitimate emails as phishing — www.bleepingcomputer.com — 09.02.2026 12:47
- Microsoft: Anti-spam bug blocks links in Exchange Online, Teams — www.bleepingcomputer.com — 09.09.2025 16:40