Some users' legitimate email messages may be marked as phishing and quarantined in Exchange Online

Title: Some users' legitimate email messages may be marked as phishing and quarantined in Exchange Online

User impact: Users' legitimate email messages may be marked as phishing and quarantined in Exchange Online.

More info: Users may see some previously quarantined messages successfully delivered; however, some messages may still be impacted until the issue is fully resolved.

Current status: We’re carefully reviewing a small portion of messages which remain in quarantine to assess the final actions needed as we near the completion of the restoration process.

Scope of impact: Some users attempting to send or receive Exchange Online email messages may be impacted. This information may be updated as our investigation continues.

Start time: Thursday, February 5, 2026, at 12:26 AM UTC

Preliminary root cause: An updated URL rule intending to identify more sophisticated spam and phishing email messages is incorrectly quarantining legitimate email messages in Exchange Online, resulting in impact.

Next update by: Thursday, February 12, 2026, at 8:00 PM UTC

Title: Some users' legitimate email messages may be marked as phishing and quarantined in Exchange Online

User impact: Users' legitimate email messages may be marked as phishing and quarantined in Exchange Online.

More info: Users may see some previously quarantined messages successfully delivered; however, some messages may still be impacted until the issue is fully resolved.

Current status: We’ve continued to make progress restoring previously affected email messages. We’re actively monitoring the restoration process and taking targeted actions to address any remaining blockers.

Scope of impact: Some users attempting to send or receive Exchange Online email messages may be impacted. This information may be updated as our investigation continues.

Start time: Thursday, February 5, 2026, at 12:26 AM UTC

Preliminary root cause: An updated URL rule intending to identify more sophisticated spam and phishing email messages is incorrectly quarantining legitimate email messages in Exchange Online, resulting in impact.

Next update by: Thursday, February 12, 2026, at 6:00 PM UTC

Title: Some users' legitimate email messages may be marked as phishing and quarantined in Exchange Online

User impact: Users' legitimate email messages may be marked as phishing and quarantined in Exchange Online.

More info: Users may see some previously quarantined messages successfully delivered; however, some messages may still be impacted until the issue is fully resolved.

Current status: We've confirmed that no additional messages are being quarantined due to this incident, and we’re proceeding with our work to incrementally release those messages which were previously affected.

Scope of impact: Some users attempting to send or receive Exchange Online email messages may be impacted. This information may be updated as our investigation continues.

Start time: Thursday, February 5, 2026, at 12:26 AM UTC

Preliminary root cause: An updated URL rule intending to identify more sophisticated spam and phishing email messages is incorrectly quarantining legitimate email messages in Exchange Online, resulting in impact.

Next update by: Thursday, February 12, 2026, at 6:00 AM UTC

Title: Some users' legitimate email messages may be marked as phishing and quarantined in Exchange Online

User impact: Users' legitimate email messages may be marked as phishing and quarantined in Exchange Online.

More info: Users may see some previously quarantined messages successfully delivered; however, some messages may still be impacted until the issue is fully resolved.

Current status: We’re actively working on unblocking legitimate URLs and releasing quarantined messages. As we progress through these workstreams, some impacted accounts will see legitimate email messages returning to their inboxes from quarantine.

Scope of impact: Some users attempting to send or receive Exchange Online email messages may be impacted. This information may be updated as our investigation continues.

Start time: Thursday, February 5, 2026, at 12:26 AM UTC

Preliminary root cause: An updated URL rule intending to identify more sophisticated spam and phishing email messages is incorrectly quarantining legitimate email messages in Exchange Online, resulting in impact.

Next update by: Thursday, February 12, 2026, at 1:00 AM UTC

Title: Some users' legitimate email messages may be marked as phishing and quarantined in Exchange Online

User impact: Users' legitimate email messages may be marked as phishing and quarantined in Exchange Online.

More info: Users may see some previously quarantined messages successfully delivered; however, some messages may still be impacted until the issue is fully resolved.

Current status: We discovered an issue when unblocking some legitimate URLs which we must resolve prior to releasing the quarantined messages. We’re working on addressing the blocker so we can proceed with unblocking the legitimate URLs and releasing the quarantined messages to remediate.

Scope of impact: Some users attempting to send or receive Exchange Online email messages may be impacted.

Start time: Thursday, February 5, 2026, at 12:26 AM UTC

Preliminary root cause: An updated URL rule intending to identify more sophisticated spam and phishing email messages is incorrectly quarantining legitimate email messages in Exchange Online, resulting in impact.

Next update by: Wednesday, February 11, 2026, at 1:00 AM UTC

Title: Some users' legitimate email messages may be marked as phishing and quarantined in Exchange Online

User impact: Users' legitimate email messages may be marked as phishing and quarantined in Exchange Online.

Current status: We’re reviewing the release of quarantined messages for affected users and working on confirming legitimate URLs are unblocked. Some users may see their previously quarantined messages successfully delivered and we’re working to confirm full remediation. We’ll provide an estimated time to resolve when one becomes available.

Scope of impact: Some users attempting to send or receive Exchange Online email messages may be impacted.

Preliminary root cause: An updated URL rule intending to identify more sophisticated spam and phishing email messages is incorrectly quarantining legitimate email messages in Exchange Online, resulting in impact.

Next update by: Tuesday, February 10, 2026, at 1:00 AM UTC

Title: Some users' legitimate email messages may be marked as phishing email and quarantined in Exchange Online

User impact: Users' legitimate email messages may be marked as phishing email and quarantined in Exchange Online.

Current status: We're continuing to review our logging and detection components to ensure our current mitigation strategy fully remediates the impact. In the meantime, we're releasing quarantined messages for affected users and unblocking URLs as our investigation progresses.

Scope of impact: Some users attempting to send or receive Exchange Online email messages may be impacted.

Root cause: The email messages are getting incorrectly marked as phishing and quarantined in Exchange Online due to ever-evolving criteria aimed at identifying suspicious email messages, as spam and phishing techniques have become more sophisticated in avoiding detection.

Next update by: Saturday, February 7, 2026, at 8:30 PM UTC

Title: Some users' legitimate email messages may be marked as phishing email and quarantined in Exchange Online

User impact: Users' legitimate email messages may be marked as phishing email and quarantined in Exchange Online.

Current status: While monitoring the process of releasing the quarantined messages for the affected users, we received fresh reports of quarantined messages from a subset of affected users. We're reviewing the logging and impact details provided by this subset of users to help us determine how we can adjust our current mitigation strategy to ensure full remediation for all affected environments.

Scope of impact: Some users attempting to send or receive Exchange Online email messages may be impacted.

Root cause: The email messages are getting incorrectly marked as phishing and quarantined in Exchange Online due to ever-evolving criteria aimed at identifying suspicious email messages, as spam and phishing techniques have become more sophisticated in avoiding detection.

Next update by: Saturday, February 7, 2026, at 4:30 AM UTC

Title: Some users' legitimate email messages may be marked as phishing email and quarantined in Exchange Online

User impact: Users' legitimate email messages may be marked as phishing email and quarantined in Exchange Online.

Current status: We're continuing to release the quarantined messages for the affected users to fully resolve this problem. In parallel, we're actively working to evaluate additional remediation actions to perform in order to expedite the process of recovery.

Scope of impact: Some users attempting to send or receive Exchange Online email messages may be impacted.

Root cause: The email messages are getting incorrectly marked as phishing and quarantined in Exchange Online due to ever-evolving criteria aimed at identifying suspicious email messages, as spam and phishing techniques have become more sophisticated in avoiding detection.

Next update by: Saturday, February 7, 2026, at 2:30 AM UTC

Title: Some users' legitimate email messages are being marked as phish and quarantined in Exchange Online

User impact: Users' legitimate email messages are being marked as phish and quarantined in Exchange Online.

Current status: We expect that the issue is resolved for any new messages as a result of adding the affected URLs to the allow list and we’re continuing the process of working with support to collect the necessary data to release the quarantine messages to fully resolve this problem. We’ll provide an estimate for the completion of this process when available.

Scope of impact: Your organization is affected by this event, and some users attempting to send or receive Exchange Online email messages are impacted.

Root cause: The email messages are getting incorrectly marked as phish and quarantined in Exchange Online due to ever-evolving criteria aimed at identifying suspicious email messages, as spam and phishing techniques have become more sophisticated in avoiding detection.

Next update by: Friday, February 6, 2026, at 10:30 AM UTC

Title: Some users' legitimate email messages are being marked as phish and quarantined in Exchange Online

User impact: Users' legitimate email messages are being marked as phish and quarantined in Exchange Online.

Current status: We’ve added the associated URLs for the affected email messages to the allow list to resolve further impact from occurring. We’re now in the process of releasing the affected quarantined email messages to fully resolve the issue. Additionally, we anticipate that we’ll be able to provide a remediation timeline by the time of our next scheduled communications update.

Scope of impact: Your organization is affected by this event, and some users attempting to send or receive Exchange Online email messages are impacted.

Root cause: The email messages are getting incorrectly marked as phish and quarantined in Exchange Online due to ever-evolving criteria aimed at identifying suspicious email messages, as spam and phishing techniques have become more sophisticated in avoiding detection.

Next update by: Friday, February 6, 2026, at 6:30 AM UTC

Title: Some users' legitimate email messages are being marked as phish and quarantined in Exchange Online

User impact: Users' legitimate email messages are being marked as phish and quarantined in Exchange Online.

Current status: We've determined that the URLs associated with these email messages are incorrectly marked as phish and quarantined in Exchange Online due to ever-evolving criteria aimed at identifying suspicious email messages, as spam and phishing techniques have become more sophisticated in avoiding detection. We've added the associated URLs for these affected email messages to an allow list and are currently monitoring as these actions reflect within our service. After we confirm these URLs have successfully been allowed, we'll conduct final testing with a subset of users in order to validate that this has remediated impact.

Scope of impact: Your organization is affected by this event, and some users attempting to send or receive Exchange Online email messages are impacted.

Root cause: The email messages are getting incorrectly marked as phish and quarantined in Exchange Online due to ever-evolving criteria aimed at identifying suspicious email messages, as spam and phishing techniques have become more sophisticated in avoiding detection.

Next update by: Friday, February 6, 2026, at 2:00 AM UTC

Title: Some users' legitimate email messages are being marked as phish and quarantined in Exchange Online

User impact: Users' legitimate email messages are being marked as phish and quarantined in Exchange Online.

Current status: We're reviewing support provided information to determine our next troubleshooting steps.

Scope of impact: Your organization is affected by this event, and some users attempting to send or receive Exchange Online email messages are impacted.

Next update by: Thursday, February 5, 2026, at 5:30 PM UTC