Microsoft MFA outage blocking access to Microsoft 365 apps
Microsoft is investigating an ongoing Multi-Factor Authentication (MFA) outage that is blocking customers from accessing Microsoft 365 Office apps.
Some affected Microsoft 365 users also report that MFA registration and reset are not working.
"Users may be unable to access some Microsoft 365 Apps when authenticating with MFA," Microsoft said in an incident alert published in the admin center. "We're re-directing traffic to alternate healthy infrastructure while we continue to investigate the root cause of impact."
The company added that the incident only impacts users who use MFA for authentication in Microsoft 365 Office apps.
According to another admin center message, the company is also investigating reports that Microsoft 365 applications may unexpectedly crash on Windows Server 2016 devices.
"We're reviewing service monitoring telemetry to isolate the root cause and develop a remediation plan," Redmond says. "Impact is specific to some users who are served through the affected infrastructure."
Last month, Microsoft announced it was investigating a known issue that triggers "Product Deactivated" errors for customers using Microsoft 365 Office apps. One week earlier, another outage took down Office web apps and the Microsoft 365 admin center.
In November, A worldwide Microsoft 365 outage also impacted multiple services and features, including Microsoft Teams, Exchange Online, SharePoint Online, OneDrive, Purview, Copilot, and Outlook Web and Desktop.
Update: January 13, 05:51 EST: Microsoft says service availability has been restored, and the issue is resolved.
"We've identified that a section of infrastructure responsible for MFA operations unexpectedly became unresponsive," the company says in the admin center.
"We've completed an extended period of monitoring in which the service health has remained stable and are declaring this incident as resolved. Impact was specific to users are authenticating to our M365 Apps using MFA via infrastructure in Western Europe."
Expired Domains Allowed Control Over 4,000 Backdoors on Compromised Systems
Ransomware on ESXi: The mechanization of virtualized attacks
CVE-2025-22224 VMware ESXi and Workstation TOCTOU Race Condition Vulnerability
CVE-2025-2783 Google Chromium Mojo Sandbox Escape Vulnerability
CVE-2020-29574 CyberoamOS (CROS) SQL Injection Vulnerability
CVE-2022-43769 Hitachi Vantara Pentaho BA Server Special Element Injection Vulnerability
CVE-2022-43939 Hitachi Vantara Pentaho BA Server Authorization Bypass Vulnerability
CVE-2018-8639 Microsoft Windows Win32k Improper Resource Shutdown or Release Vulnerability
CVE-2024-40890 Zyxel DSL CPE OS Command Injection Vulnerability
CVE-2024-49035 Microsoft Partner Center Improper Access Control Vulnerability
CVE-2017-0148 Microsoft SMBv1 Server Remote Code Execution Vulnerability
CVE-2018-19410 Paessler PRTG Network Monitor Local File Inclusion Vulnerability
HighPath Traversal
MediumCORS Misconfiguration
InformationalGraphQL Endpoint Supports Introspection
HighOut of Band XSS
InformationalSec-Fetch-Dest Header Has an Invalid Value
MediumInteger Overflow Error
Free online web security scanner