Microsoft: Anti-Spam Glitch Prevents Links from Functioning in Exchange Online and Teams

Microsoft is currently addressing a known issue affecting Exchange Online and Microsoft Teams users, where an anti-spam service mistakenly blocks access to URLs and quarantines certain emails. According to a service alert reported by BleepingComputer, the problem arises from the anti-spam engine incorrectly identifying URLs embedded within other URLs as potentially malicious. This issue began on September 5th, prompting alerts to administrators indicating “A potentially malicious URL click was detected involving one user,” despite the URLs being confirmed as safe. Microsoft has identified over 6,000 affected URLs and is working to unblock them while recovering any messages or URLs that were incorrectly flagged. Engineers have implemented a fix to prevent syncs from entering a quarantine state, although further work is needed to address additional URLs impacted by the faulty anti-spam models.

While Microsoft has made progress in resolving these false positive issues, the company continues to tackle the residual effects of the problem. A September 8th update indicated that a new subset of URLs had been identified as impacted, and efforts are underway to rectify this situation. Although Microsoft has not disclosed the number of affected customers or regions, this incident has been classified as one with noticeable user impact. The company has faced similar challenges throughout the year, including instances where machine learning models incorrectly flagged emails from Gmail and Adobe as spam. As cybersecurity remains a critical concern, the Picus Blue Report 2025 offers insights into trends in prevention, detection, and data exfiltration. 

Categories: Anti-Spam Issues, Service Disruptions, URL Blocking 

Tags: Microsoft, Anti-Spam, Exchange Online, Microsoft Teams, URLs, Quarantine, False Positives, Service Alert, Incident, Machine Learning