It quickly became clear that the whole thing was related to firewall solutions used by Microsoft. Blog reader Markus pointed me to this post<\/a> from Bleeping Computer via email (thanks for that). The outage was triggered by a false alarm in the firewall in use, which prevented users from connecting to Exchange Online, Microsoft Teams, Outlook desktop clients and OneDrive for Business.<\/p>\n A Cisco employee addressed this in this forum post<\/a>. A vulnerability reported by Microsoft, CVE-2022-35748, triggers SNORT rule 1-60381, which caused problems with communication through the firewall.\u00a0In the meantime, however, Microsoft has probably fixed the problem (see also the notes at Bleeping Computer).<\/p>\n Blog reader Andreas P. sent me the following excerpts from the status area of the Admin Center (thanks for that).<\/p>\n Published Time: 10.08.2022 19:56:28 Note: Wrong product name used initially has been amended.<\/p>\n","protected":false},"excerpt":{"rendered":" On August 10, 2022, Microsoft 365 services experienced an outage that specifically affected North America but also EMEA. Users had problems with Office 365, Outlook and other services. It was probably due to a false alarm within the Cisco Meraki\u00a0firewall … Continue reading ![](\"https:\/\/i.imgur.com\/IpSGjtM.png\")
<\/a><\/p>\n
\nThe firewall partner is currently reviewing options to remediate impact.
\nThis quick update is designed to give the latest information on this issue.
\nPublished Time: 10.08.2022 19:02:39
\nTitle: Some users may be unable to connect to multiple Microsoft 365 services.
\nUser Impact: Users may be unable to connect to multiple Microsoft 365 services.
\nMore info: Impacted services include, but are not limited to:
\n– Outlook desktop client
\n– OneDrive for Business
\n– Microsoft Teams
\nAffected customers have reported that disabling firewall rules blocking TLS 1.2 is mitigating impact. Some firewall vendors have published guidance on disabling the impacting rules, and we recommend contacting your firewall vendor for further assistance.
\nCurrent status: We continue to work with the firewall partner to investigate a Snort rule which is contributing to impact. Our focus remains on mitigation and from user reports, disabling the specific firewall rule provides immediate relief. Additionally, we continue to investigate recent changes within the Microsoft-managed environment to rule out potential causes of impact.
\nScope of impact: At this time, impact appears to be specific to some users who are served through the affected infrastructure.
\nNext update by: Wednesday, August 10, 2022, at 6:30 PM UTC
\nPublished Time: 10.08.2022 18:41:46
\nWe're continuing to work with the firewall partner to investigate the issue. Additionally, we monitoring feedback from impacted organizations that disabling a specific firewall rule, which blocks TLS 1.2, is mitigating impact.
\nThis quick update is designed to give the latest information on this issue.
\nPublished Time: 10.08.2022 17:25:42
\nTitle: Some users may be unable to connect to multiple Microsoft 365 services.
\nUser Impact: Users may be unable to connect to multiple Microsoft 365 services.
\nMore info: Impacted services include, but are not limited to:
\n– Outlook desktop client
\n– OneDrive for Business
\n– Microsoft Teams
\nAffected customers have reported that disabling firewall rules blocking TLS 1.2 is mitigating impact.
\nCurrent status: We've identified an increase in errors related to TLS 1.0 and 1.1 across Microsoft 365 services. We've confirmed that there have not been any recent changes to the service feature which is blocking the traffic. We're continuing to engage with the firewall partners to assist our investigation into the potential blocking of legitimate traffic. Additionally, we're working with impacted users to gather client logs.
\nScope of impact: At this time, impact appears to be specific to some users who are served through the affected infrastructure.
\nNext update by: Wednesday, August 10, 2022, at 5:00 PM UTC
\nPublished Time: 10.08.2022 17:01:14
\nWe're directly working with some of the affected users to aid in our investigation while continuing to engage with our firewall partners. Analysis into Microsoft 365 client endpoints is ongoing.
\nThis quick update is designed to give the latest information on this issue.
\nPublished Time: 10.08.2022 16:28:30
\nWe're looking at recent changes made within the Microsoft-managed infrastructure and reviewing endpoints that are leveraging TLS 1.2. Additionally, we're contacting firewall partners to assist our investigation.
\nThis quick update is designed to give the latest information on this issue.
\nPublished Time: 10.08.2022 15:53:29
\nTitle: Some users may be unable to connect to multiple Microsoft 365 services.
\nUser Impact: Users may be unable to connect to multiple Microsoft 365 services.
\nMore info: Impacted services include, but are not limited to:
\n– Outlook desktop client
\n– OneDrive for Business
\n– Microsoft Teams
\nCurrent status: After analyzing system telemetry and Fiddler logs from impacted users, we suspect that third-party firewall devices are potentially blocking legitimate Microsoft traffic. Affected customers have reported that disabling firewall rules blocking TLS 1.2 is mitigating impact. We're continuing our investigation into the underlying cause.
\nScope of impact: At this time, impact appears to be specific to some users who are served through the affected infrastructure.
\nNext update by: Wednesday, August 10, 2022, at 3:30 PM UTC
\nPublished Time: 10.08.2022 15:25:09
\nSome customers are able to mitigate impact by disabling a firewall rule that is blocking TLS 1.2.
\nThis quick update is designed to give the latest information on this issue.
\nPublished Time: 10.08.2022 14:57:17
\nWe're reviewing Exchange trace logs (ETL) from users who are experiencing impact. We believe the issue may be related to Active Directory (AD) services and are investigating this further.
\nThis quick update is designed to give the latest information on this issue.
\nPublished Time: 10.08.2022 14:41:52
\nTitle: Some users may be unable to connect to multiple Microsoft 365 services.
\nUser Impact: Users may be unable to connect to multiple Microsoft 365 services.
\nMore info: Impacted services include, but are not limited to:
\n– Outlook desktop client
\n– OneDrive for Business
\n– Microsoft Teams
\nCurrent status: We're reviewing system telemetry to isolate the source of the issue. Additionally, we're working with impacted users to gather network trace logs to assist our investigation.
\nScope of impact: At this time, impact appears to be specific to some users who are served through the affected infrastructure.
\nNext update by: Wednesday, August 10, 2022, at 2:00 PM UTC<\/p><\/blockquote>\n