{"id":14672,"date":"2026-01-24T17:00:57","date_gmt":"2026-01-24T08:00:57","guid":{"rendered":"https:\/\/m365jp.net\/?p=14672"},"modified":"2026-01-24T17:10:05","modified_gmt":"2026-01-24T08:10:05","slug":"falsepositive-dz1220491-microsoft-defender-xdr-some-admins-may-see-automated-investigation-and-response-air-remediation-actions-affecting-more-email-than-intended","status":"publish","type":"post","link":"https:\/\/m365jp.net\/index.php\/2026-01-24-falsepositive-dz1220491-microsoft-defender-xdr-some-admins-may-see-automated-investigation-and-response-air-remediation-actions-affecting-more-email-than-intended","title":{"rendered":"[falsePositive] DZ1220491 | Microsoft Defender XDR | Some admins may see automated investigation and response (AIR) remediation actions affecting more email than intended"},"content":{"rendered":"
\n
\n
\n\n\n\n
DZ1220491 | Microsoft Defender XDR | Some admins may see automated investigation and response (AIR) remediation actions affecting more email than intended<\/th>\n<\/tr>\n<\/tbody>\n<\/table>\n
\n\n\n\n\n\n\n\n\n\n\n
Status<\/th>\nfalsePositive<\/td>\n<\/tr>\n
Classification<\/th>\nadvisory<\/td>\n<\/tr>\n
User Impact<\/th>\nAdmins may see AIR remediation actions affecting more email than intended in Microsoft Defender for Office 365.<\/td>\n<\/tr>\n
Last Updated<\/th>\n01\/24\/2026 07:23:45<\/td>\n<\/tr>\n
Start Time<\/th>\n01\/21\/2026 16:24:35<\/td>\n<\/tr>\n
End Time<\/th>\n<\/td>\n<\/tr>\n
Latest Message<\/th>\nTitle: Some admins may see automated investigation and response (AIR) remediation actions affecting more email than intended<\/p>\n

User impact: Admins may see AIR remediation actions affecting more email than intended in Microsoft Defender for Office 365.<\/p>\n

More info: Some admins utilizing AIR remediation based on email subject matching may experience additional email being included in a remediation action beyond the originally intended scope.<\/p>\n

Admins can manually approve or deny the proposed remediation actions, and we advise admins to review these remediation actions for potentially impacted email messages from your organization. If admins are utilizing automated remediation actions, we advise admins to review these automated actions for additional email being included beyond the originally intended scope.<\/p>\n

Automated email remediation actions have been temporarily disabled while we investigate and work to resolve the offending impact scenario.<\/p>\n

Current status: We\u2019re performing an extended period of monitoring as events are continually processing. Although we have yet to gather a remediation timeline, we now anticipate that one will be provided by the time of our next scheduled communications update.<\/p>\n

Scope of impact: Your organization is affected by this event, and some admins attempting to utilize AIR remediation based on email subject matching in Microsoft Defender for Office 365 are impacted.<\/p>\n

Next update by: Saturday, January 24, 2026, at 12:00 PM UTC<\/td>\n<\/tr>\n

Machine Translation<\/th>\n\u30bf\u30a4\u30c8\u30eb:\u4e00\u90e8\u306e\u7ba1\u7406\u8005\u306f\u3001\u81ea\u52d5\u8abf\u67fb\u30fb\u5bfe\u5fdc(AIR)\u306e\u662f\u6b63\u63aa\u7f6e\u304c\u610f\u56f3\u4ee5\u4e0a\u306e\u30e1\u30fc\u30eb\u306b\u5f71\u97ff\u3092\u53ca\u307c\u3057\u3066\u3044\u308b\u3068\u611f\u3058\u308b\u304b\u3082\u3057\u308c\u307e\u305b\u3093<\/p>\n

\u30e6\u30fc\u30b6\u30fc\u3078\u306e\u5f71\u97ff:\u7ba1\u7406\u8005\u306f\u3001Microsoft Defender for Office 365\u3067\u610f\u56f3\u3057\u305f\u3088\u308a\u591a\u304f\u306e\u30e1\u30fc\u30eb\u306bAIR\u5bfe\u7b56\u304c\u5f71\u97ff\u3092\u53ca\u307c\u3057\u3066\u3044\u308b\u306e\u3092\u76ee\u306b\u3059\u308b\u3053\u3068\u304c\u3042\u308a\u307e\u3059\u3002<\/p>\n

\u8a73\u7d30\u60c5\u5831:\u30e1\u30fc\u30eb\u306e\u4ef6\u540d\u4e00\u81f4\u306b\u57fa\u3065\u304fAIR\u5bfe\u7b56\u3092\u5229\u7528\u3059\u308b\u7ba1\u7406\u8005\u306e\u4e2d\u306b\u306f\u3001\u5f53\u521d\u306e\u610f\u56f3\u7bc4\u56f2\u3092\u8d85\u3048\u305f\u8ffd\u52a0\u306e\u30e1\u30fc\u30eb\u304c\u4fee\u6b63\u63aa\u7f6e\u306b\u542b\u307e\u308c\u308b\u5834\u5408\u304c\u3042\u308a\u307e\u3059\u3002<\/p>\n

\u7ba1\u7406\u8005\u306f\u63d0\u6848\u3055\u308c\u305f\u4fee\u5fa9\u63aa\u7f6e\u3092\u624b\u52d5\u3067\u627f\u8a8d\u307e\u305f\u306f\u62d2\u5426\u3059\u308b\u3053\u3068\u304c\u3067\u304d\u3001\u7d44\u7e54\u304b\u3089\u306e\u5f71\u97ff\u3092\u53d7\u3051\u308b\u53ef\u80fd\u6027\u306e\u3042\u308b\u30e1\u30fc\u30eb\u306b\u3064\u3044\u3066\u306f\u3001\u3053\u308c\u3089\u306e\u5bfe\u7b56\u3092\u78ba\u8a8d\u3059\u308b\u3053\u3068\u3092\u304a\u52e7\u3081\u3057\u307e\u3059\u3002\u7ba1\u7406\u8005\u304c\u81ea\u52d5\u4fee\u5fa9\u30a2\u30af\u30b7\u30e7\u30f3\u3092\u4f7f\u7528\u3057\u3066\u3044\u308b\u5834\u5408\u306f\u3001\u5f53\u521d\u306e\u610f\u56f3\u7bc4\u56f2\u3092\u8d85\u3048\u305f\u8ffd\u52a0\u306e\u30e1\u30fc\u30eb\u304c\u542b\u307e\u308c\u3066\u3044\u308b\u304b\u3069\u3046\u304b\u3001\u3053\u308c\u3089\u306e\u81ea\u52d5\u30a2\u30af\u30b7\u30e7\u30f3\u3092\u78ba\u8a8d\u3059\u308b\u3053\u3068\u3092\u304a\u52e7\u3081\u3057\u307e\u3059\u3002<\/p>\n

\u554f\u984c\u306e\u539f\u56e0\u3068\u306a\u308b\u5f71\u97ff\u30b7\u30ca\u30ea\u30aa\u306e\u8abf\u67fb\u3068\u89e3\u6c7a\u4f5c\u696d\u306e\u9593\u3001\u81ea\u52d5\u30e1\u30fc\u30eb\u5bfe\u5fdc\u306f\u4e00\u6642\u7684\u306b\u505c\u6b62\u3055\u308c\u3066\u3044\u307e\u3059\u3002<\/p>\n

\u73fe\u72b6:\u30a4\u30d9\u30f3\u30c8\u304c\u7d99\u7d9a\u7684\u306b\u51e6\u7406\u3055\u308c\u3066\u3044\u308b\u305f\u3081\u3001\u9577\u671f\u9593\u306e\u76e3\u8996\u3092\u884c\u3063\u3066\u3044\u307e\u3059\u3002\u307e\u3060\u662f\u6b63\u306e\u30b9\u30b1\u30b8\u30e5\u30fc\u30eb\u306f\u96c6\u307e\u3063\u3066\u3044\u307e\u305b\u3093\u304c\u3001\u6b21\u56de\u306e\u901a\u77e5\u66f4\u65b0\u307e\u3067\u306b\u63d0\u4f9b\u3055\u308c\u308b\u898b\u8fbc\u307f\u3067\u3059\u3002<\/p>\n

\u5f71\u97ff\u7bc4\u56f2:\u8cb4\u7d44\u7e54\u306f\u3053\u306e\u30a4\u30d9\u30f3\u30c8\u306e\u5f71\u97ff\u3092\u53d7\u3051\u3066\u304a\u308a\u3001Microsoft Defender for Office 365\u3067\u30e1\u30fc\u30eb\u306e\u4ef6\u540d\u30de\u30c3\u30c1\u30f3\u30b0\u306b\u57fa\u3065\u304fAIR\u5bfe\u7b56\u3092\u8a66\u307f\u308b\u7ba1\u7406\u8005\u306e\u4e00\u90e8\u304c\u5f71\u97ff\u3092\u53d7\u3051\u307e\u3059\u3002<\/p>\n

\u6b21\u56de\u66f4\u65b0:2026\u5e741\u670824\u65e5(\u571f)12:00 PM UTC<\/td>\n<\/tr>\n<\/tbody>\n<\/table><\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"

DZ1220491 | Microsoft Defender XDR | Some admins may see automated investigation and response (AIR) remediatio […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-14672","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"_links":{"self":[{"href":"https:\/\/m365jp.net\/index.php\/wp-json\/wp\/v2\/posts\/14672","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/m365jp.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/m365jp.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/m365jp.net\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/m365jp.net\/index.php\/wp-json\/wp\/v2\/comments?post=14672"}],"version-history":[{"count":0,"href":"https:\/\/m365jp.net\/index.php\/wp-json\/wp\/v2\/posts\/14672\/revisions"}],"wp:attachment":[{"href":"https:\/\/m365jp.net\/index.php\/wp-json\/wp\/v2\/media?parent=14672"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/m365jp.net\/index.php\/wp-json\/wp\/v2\/categories?post=14672"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/m365jp.net\/index.php\/wp-json\/wp\/v2\/tags?post=14672"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}