A widespread issue with Microsoft’s anti-spam filtering service is preventing some Exchange Online and Microsoft Teams users from opening URLs, disrupting workflows across organizations.
The problem, tracked under Microsoft advisory MO1148487, remains ongoing as the company works on a permanent fix.
According to Microsoft, the issue stems from an anti-spam detection mechanism that is mistakenly flagging certain URLs as malicious.
Specifically, URLs nested within other URLs have been incorrectly identified as threats. As a result, impacted users are unable to open hyperlinks shared in Exchange Online emails or Microsoft Teams chats.
In addition to blocking link access, administrators have reported false alerts titled “A potentially malicious URL click was detected involving one user.”
Microsoft has confirmed that the URLs being flagged are safe and emphasized that the warnings are erroneous. Some email messages have also been quarantined unnecessarily, adding to the disruption for businesses relying on Exchange and Teams for communication.
The problem has led to confusion in organizations where security alerts typically trigger incident response processes. While the impact is widespread, Microsoft has assured users that the majority of issues have already been mitigated. However, residual link-access problems remain for some users as the company continues to fine-tune its anti-spam service.
Microsoft’s Response and Next Steps
In its latest update on September 9, 2025, at 08:25 AM UTC, Microsoft announced that it had identified a new subset of affected URLs and is actively addressing them alongside any leftover impacts from the initial issue. Engineers are also performing a root cause analysis to prevent recurrence.
Microsoft stated: “We’re confident that a majority of the impact has been resolved, and we’re actively addressing lingering issues. Our teams are continuing to examine the anti-spam detection systems that incorrectly flagged these URLs.”
The company has set the next official progress update for 6:00 PM UTC on September 9, 2025. Until then, customers may experience intermittent issues opening links in affected messages.
Microsoft has advised admins and users to monitor the Service Health Dashboard for updates. While the company continues to remediate, organizations are urged not to treat the current alerts as genuine threats, as the flagged URLs have been confirmed to be safe.
Find this Story Interesting! Follow us on Google News, LinkedIn, and X to Get More Instant Updates.
Source link
