INFORMATION TECHNOLOGY CONSULTING & SUPPORT

Critical Update: Microsoft Exchange Online Issue Causing Emails with Images to be Flagged as Malware

Critical Update: Microsoft Exchange Online Issue Causing Emails with Images to be Flagged as Malware

Overview

Microsoft has identified an ongoing issue affecting some Exchange Online users, where emails containing images are being incorrectly flagged as malware and subsequently quarantined. This issue, classified under the Incident ID EX873252, began on August 26, 2024, and is currently causing service degradation across affected infrastructures. The Microsoft support and engineering teams are actively working on identifying the root cause and developing a remediation plan.

What You Need to Know

Incident ID: EX873252
Affected Service: Exchange Online
Current Status: Service Degradation
Issue Type: Incident
Start Time: August 26, 2024, 9:09 AM CDT
Next Update: August 26, 2024, 11:30 AM CDT

User Impact

Users who rely on Exchange Online may find that emails with embedded images are being falsely flagged as malware. This issue results in those emails being quarantined, preventing their delivery to the intended recipients.

Scope of Impact

The issue is not universal but affects a subset of users connected to specific Exchange Online infrastructures. Microsoft is currently reviewing service monitoring telemetry to isolate the problem. It is essential for administrators to monitor the situation closely, especially if your organization relies heavily on image-based communication.

Detailed Technical Background

This problem appears to stem from the way Microsoft Defender for Office 365 handles Safe Attachments policies. These policies are designed to protect against malicious files by scanning email attachments. However, in this case, the scanning process is incorrectly identifying legitimate images as malware. Once flagged, the emails are quarantined, where they await further review by administrators or are automatically deleted after a set period​

Administrators can access quarantined messages and manage them via the Microsoft Defender portal, but users might face delays or disruptions in communication while this issue persists. It is also important to note that the quarantine policy settings could prevent users from releasing quarantined emails themselves​

Immediate Actions

  1. Monitor Quarantined Emails: Administrators should regularly check the quarantine section in the Microsoft Defender portal to identify and release falsely flagged emails.
  2. Stay Informed: Microsoft has promised to provide updates by 11:30 AM CDT on August 26, 2024. Keep an eye on the official channels for further developments.
  3. Feedback to Microsoft: If your organization is affected, you can provide feedback to help prioritize the resolution of this issue.

Conclusion

Microsoft Exchange Online users are currently facing challenges with emails containing images being incorrectly flagged as malware. Microsoft is working on a fix, but in the meantime, it’s crucial to monitor quarantined emails and stay informed through the official updates. This incident highlights the importance of robust email security settings and the need for vigilance when such issues arise.

Request you Free IT Assessment Today

Upgrade, Update & Secure your Network

Share this article now!
Facebook
LinkedIn
Twitter
Email

More To Explore

Do You Want To Secure Your Business?

drop us a line and keep in touch

IT Deployment

Pay your services here

Paypal

Dear Customer, you can submit your payment just clicking PAY NOW