A recent incident led Microsoft to identify an issue with its Exchange Online service that mistakenly flagged legitimate emails as phishing and quarantined them. “Some users’ legitimate email messages are being marked as phish[sic] and quarantined in Exchange Online,” added Microsoft.
The software giant traces the issue back to February 5, 2026, and says the issue continues to affect Exchange Online users, preventing them from sending or receiving emails.
We’ve determined that the URLs associated with these email messages are incorrectly marked as phishing and quarantined in Exchange Online due to ever-evolving criteria aimed at identifying suspicious email messages, as spam and phishing techniques have become more sophisticated in avoiding detection.
Microsoft
The company revealed that an updated URL detection rule was the root cause of the issue. Instead of correctly identifying spam and phishing emails, it mistakenly flagged legitimate messages in Exchange Online (via BleepingComputer).
In the interim, Microsoft engineers are actively working to release quarantined emails. As such, affected users might start seeing previously flagged emails in their inboxes.
“We’re reviewing the release of quarantined messages for affected users and working on confirming legitimate URLs are unblocked,” Microsoft indicated. “Some users may see their previously quarantined messages successfully delivered and we’re working to confirm full remediation. We’ll provide an estimated time to resolve when one becomes available.”
So, Microsoft is working to find a permanent solution to the issue. However, it hasn’t provided an exact timeline on when it should be able to completely mitigate it. The company will at least continue to uphold security protections against phishing threats.
Have you been impacted by the Exchnage Online bug flagging legitimate emails as phishing threats? Let me know in the comments section!
Join us on Reddit at r/WindowsCentral to share your insights and discuss our latest news, reviews, and more.
