[German]I would like to ask the administrators among the readership if anyone else is experiencing the effect mentioned here. An administrator contacted me because he has been getting reports of supposedly corrupt notifications from Teams for days. In use is Exchange Online and also the ZAP feature of Defender from Microsoft Office 365.
Advertising
An German administrator contacted me by mail today because he has been suffering from supposed false alarms in his environment concerning harmful Teams notifications. Regarding this, the person wrote me the following (translated):
Subject: Allegedly corrupted notifications from teams in EXonline by Defender-ZAP.
Hello Mr. Born,
We are currently receiving very sporadic notifications via email that malicious mails have been detected and removed via ZAP.
It concerns here exclusively emails from teams to the information for new group memberships, etc. concerns.
Is it possible that an internal security feature at MS has been set too sharply, due to the threats in teams?
The affected person referred to my blog post Microsoft's warning: Teams users targeted by Russian attackers (Midnight Blizzard) and sent me the following screenshot, which is supposed to show some of the emails and Defender information that are affected.
To briefly explain the term, Defender ZAP probably refers to the Zero-Hour Auto Purge feature that is available in certain plans under Microsoft Defender for Office 365. This performs an automatic purge for email messages, but also in Microsoft Teams for notifications. The feature is explained in this Microsoft support post. EXonline probably means Exchange Online.
The German administrator asked if any blog reader has observed a similar issue. After publishing this yesterday within my German blog, I got feedback from admins, that they are observing such notifications from ZAP.
Advertising
Advertising
