| MO1176905 | Microsoft 365 suite | Some admins or users may be unable to access multiple Microsoft 365 services |
|---|
| Status | serviceDegradation |
|---|---|
| Classification | advisory |
| User Impact | Admins or users may be unable to access multiple Microsoft 365 services. |
| Last Updated | 11/03/2025 14:42:15 |
| Start Time | 10/21/2025 13:50:39 |
| End Time | |
| Latest Message | Title: Some admins or users may be unable to access multiple Microsoft 365 services
User impact: Admins or users may be unable to access multiple Microsoft 365 services. More info: This specifically impacts Microsoft 365 services that have the SecurityEnabled property changed to False by the Group Configuration Processor. While we work on deploying our fix to update the SecurityEnabled property from False to True, admins can run the following cmdlets to mitigate the impact. 1. Connect to Exchange Online PowerShell with “Connect-ExchangeOnline”. Reference: learn.microsoft.com/en-us/powershell/exchange/connect-to-exchange-online-powershell?view=exchange-ps 2. Run Search-UnifiedAuditLog and retrieve audit logs: $AuditLog = Search-UnifiedAuditLog -Operations “Update group” -StartDate (Get-Date).AddDays(-30) -EndDate (Get-Date) -ResultSize 5000 3. Filter logs matching the issue and replace “Group_” in ObjectID: $GroupID = $AuditLog | % {ConvertFrom-Json $_.AuditData} | ? {($_.Actor -match “Group Configuration Processor”) -and ($_.ModifiedProperties -match “SecurityEnabled”)} | % {$_.ObjectId -replace “^.*Group_”, “”} * Because ObjectID from UnifiedAuditLog starts with “Group_”, it cannot be used directly with Get-UnifiedGroup. 4. You can verify each group info to see which ones were affected with the following command: $GroupID | Get-UnifiedGroup -ResultSize Unlimited 5. Connect to Microsoft Graph PowerShell with Connect-MgGraph -Scope “Group.ReadWrite.All”. 6. Update SecurityEnabled to True: $GroupID | % {Update-MgGroup -GroupId $_ -BodyParameter @{SecurityEnabled = $true}} Current status: Our development of the fix in ongoing and we’ll share a completion timeline when one becomes available. Whilst we work on developing our fix to update the SecurityEnabled property from False to True, admins can continue using the cmdlets shared in the “More info” section to remediate the impact. Scope of impact: Any admin or users attempting to access any Microsoft 365 services with the Microsoft 365 Group SecurityEnabled set to false may be impacted. Start time: Tuesday, October 7, 2025, at 8:27 AM UTC Root cause: A recent change caused a misconfiguration, which led to the Microsoft 365 Group SecurityEnabled being changed to false as default, resulting in impact. Next update by: Friday, November 7, 2025, at 3:30 PM UTC |