💡 Our Technical Review in summary
1. Summary
A service degradation is affecting Microsoft 365 Groups that were previously configured with the “SecurityEnabled” property set to True. Due to a recent API flow upgrade, this setting was inadvertently reverted to False by default. This change breaks service access for any users or administrators whose permissions are managed through these specific groups.
2. Impact
Affected administrators and users may be unable to access various Microsoft 365 services. The impact is limited to environments where service access is specifically controlled by Microsoft 365 Groups that require the “SecurityEnabled” flag to be active.
3. Status
- Current Status: Service Degradation / Advisory.
- Progress: Microsoft is in the final stages of deploying an automated fix. Reports indicate the majority of affected groups have already been restored.
- Root Cause: A service operation intended to upgrade API workflows triggered the configuration reset.
- Manual Remediation: Admins who remain impacted can manually restore the property using PowerShell. This involves:
- Searching Unified Audit Logs for “Update group” operations by the “Group Configuration Processor.”
- Identifying affected Group IDs.
- Using the Microsoft Graph PowerShell module (
Update-MgGroup) to setSecurityEnabledback to$true.
- Next Update: Scheduled for Tuesday, March 3, 2026.
Microsoft Official Issue Details
User Impact
Admins and users managed through Microsoft 365 Groups may be unable to access some Microsoft 365 services.
Status: serviceDegradation
Service: Microsoft 365 suite
Classification: advisory
Origin: microsoft
Updates
- 2026-02-24 09:28
Title: Some admins and users managed through Microsoft 365 Groups may be unable to access some Microsoft 365 servicesUser impact: Admins and users managed through Microsoft 365 Groups may be unable to access some Microsoft 365 services.
More info: This issue specifically affects admins and users whose service access is managed by Microsoft 365 Groups that were previously configured with the “SecurityEnabled” setting set to “True”.
While we finalize the deployment of our fix to restore the appropriate configuration for the impacted Microsoft 365 Groups, affected admins can follow the steps below to manually restore the SecurityEnabled property configuration and resolve the impact:
1. Connect to Exchange Online PowerShell with “Connect-ExchangeOnline”, then run the following command to retrieve audit logs specific to this scenario:
$AuditLog = Search-UnifiedAuditLog -Operations “Update group” -StartDate (Get-Date).AddDays(-30) -EndDate (Get-Date) -ResultSize 5000.2. Filter logs matching the issue to gather affected group info by running the following two commands:
$GroupID = $AuditLog | % {ConvertFrom-Json $_.AuditData} | ? {($_.Actor -match “Group Configuration Processor”) -and ($_.ModifiedProperties -match “SecurityEnabled”)} | % {$_.ObjectId -replace “^.*Group_”, “”}
$GroupID | Get-UnifiedGroup -ResultSize Unlimited
3. Connect to Microsoft Graph PowerShell with Connect-MgGraph -Scope “Group.ReadWrite.All” and then run the following command to restore the SecurityEnabled property for the affected groups to True, which should remediate the impact:
$GroupID | % {Update-MgGroup -GroupId $_ -BodyParameter @{SecurityEnabled = $true}}
For further information on how to run Microsoft Graph PowerShell commands and cmdlets or guidance on connecting to Exchange Online through PowerShell, please reference the following documentation:
https://learn.microsoft.com/en-us/powershell/exchange/connect-to-exchange-online-powershell?view=ex…
https://learn.microsoft.com/en-us/powershell/microsoftgraph/authentication-commands?view=graph-powe…
Current status: We’re in the final stages of deploying the fix and expect completion by the next scheduled update. We’ve also confirmed with affected users that the majority of groups are now resolved.
Scope of impact: Admins and users whose service access is managed by Microsoft 365 Groups that were previously configured with the “SecurityEnabled” setting set to “True” may be impacted. This section may be updated as our investigation continues.
Start time: Tuesday, October 7, 2025, at 8:27 AM UTC
Root cause: A recent service operation intended to upgrade our API flow impacted Microsoft 365 Groups that were previously configured to have the “SecurityEnabled” setting enabled, switching this value back to “False” by default and resulting in impact to admins and users whose service access was being managed by the affected groups.
Next update by: Tuesday, March 3, 2026, at 11:00 AM UTC
- 2026-02-23 09:30
Title: Some admins and users managed through Microsoft 365 Groups may be unable to access some Microsoft 365 servicesUser impact: Admins and users managed through Microsoft 365 Groups may be unable to access some Microsoft 365 services.
More info: This issue specifically affects admins and users whose service access is managed by Microsoft 365 Groups that were previously configured with the “SecurityEnabled” setting set to “True”.
While we finalize the deployment of our fix to restore the appropriate configuration for the impacted Microsoft 365 Groups, affected admins can follow the steps below to manually restore the SecurityEnabled property configuration and resolve the impact:
1. Connect to Exchange Online PowerShell with “Connect-ExchangeOnline”, then run the following command to retrieve audit logs specific to this scenario:
$AuditLog = Search-UnifiedAuditLog -Operations “Update group” -StartDate (Get-Date).AddDays(-30) -EndDate (Get-Date) -ResultSize 5000.2. Filter logs matching the issue to gather affected group info by running the following two commands:
$GroupID = $AuditLog | % {ConvertFrom-Json $_.AuditData} | ? {($_.Actor -match “Group Configuration Processor”) -and ($_.ModifiedProperties -match “SecurityEnabled”)} | % {$_.ObjectId -replace “^.*Group_”, “”}
$GroupID | Get-UnifiedGroup -ResultSize Unlimited
3. Connect to Microsoft Graph PowerShell with Connect-MgGraph -Scope “Group.ReadWrite.All” and then run the following command to restore the SecurityEnabled property for the affected groups to True, which should remediate the impact:
$GroupID | % {Update-MgGroup -GroupId $_ -BodyParameter @{SecurityEnabled = $true}}
For further information on how to run Microsoft Graph PowerShell commands and cmdlets or guidance on connecting to Exchange Online through PowerShell, please reference the following documentation:
https://learn.microsoft.com/en-us/powershell/exchange/connect-to-exchange-online-powershell?view=ex…
https://learn.microsoft.com/en-us/powershell/microsoftgraph/authentication-commands?view=graph-powe…
Current status: While we continue deploying the fix and exploring ways to accelerate rollout, we’ve identified that the fix has not yet resolved impact for some groups. We’re engaging with affected users to confirm which groups remain impacted.
Scope of impact: Admins and users whose service access is managed by Microsoft 365 Groups that were previously configured with the “SecurityEnabled” setting set to “True” may be impacted. This section may be updated as our investigation continues.
Start time: Tuesday, October 7, 2025, at 8:27 AM UTC
Root cause: A recent service operation intended to upgrade our API flow impacted Microsoft 365 Groups that were previously configured to have the “SecurityEnabled” setting enabled, switching this value back to “False” by default and resulting in impact to admins and users whose service access was being managed by the affected groups.
Next update by: Tuesday, February 24, 2026, at 12:00 PM UTC
- 2026-02-20 10:20
Title: Some admins and users managed through Microsoft 365 Groups may be unable to access some Microsoft 365 servicesUser impact: Admins and users managed through Microsoft 365 Groups may be unable to access some Microsoft 365 services.
More info: This issue specifically affects admins and users whose service access is managed by Microsoft 365 Groups that were previously configured with the “SecurityEnabled” setting set to “True”.
While we finalize the deployment of our fix to restore the appropriate configuration for the impacted Microsoft 365 Groups, affected admins can follow the steps below to manually restore the SecurityEnabled property configuration and resolve the impact:
1. Connect to Exchange Online PowerShell with “Connect-ExchangeOnline”, then run the following command to retrieve audit logs specific to this scenario:
$AuditLog = Search-UnifiedAuditLog -Operations “Update group” -StartDate (Get-Date).AddDays(-30) -EndDate (Get-Date) -ResultSize 5000.2. Filter logs matching the issue to gather affected group info by running the following two commands:
$GroupID = $AuditLog | % {ConvertFrom-Json $_.AuditData} | ? {($_.Actor -match “Group Configuration Processor”) -and ($_.ModifiedProperties -match “SecurityEnabled”)} | % {$_.ObjectId -replace “^.*Group_”, “”}
$GroupID | Get-UnifiedGroup -ResultSize Unlimited
3. Connect to Microsoft Graph PowerShell with Connect-MgGraph -Scope “Group.ReadWrite.All” and then run the following command to restore the SecurityEnabled property for the affected groups to True, which should remediate the impact:
$GroupID | % {Update-MgGroup -GroupId $_ -BodyParameter @{SecurityEnabled = $true}}
For further information on how to run Microsoft Graph PowerShell commands and cmdlets or guidance on connecting to Exchange Online through PowerShell, please reference the following documentation:
https://learn.microsoft.com/en-us/powershell/exchange/connect-to-exchange-online-powershell?view=ex…
https://learn.microsoft.com/en-us/powershell/microsoftgraph/authentication-commands?view=graph-powe…
Current status: We’re continuing to evaluate options to accelerate analysis of the timeout issues so we can efficiently resume the deployment.
Scope of impact: Admins and users whose service access is managed by Microsoft 365 Groups that were previously configured with the “SecurityEnabled” setting set to “True” may be impacted. This section may be updated as our investigation continues.
Start time: Tuesday, October 7, 2025, at 8:27 AM UTC
Root cause: A recent service operation intended to upgrade our API flow impacted Microsoft 365 Groups that were previously configured to have the “SecurityEnabled” setting enabled, switching this value back to “False” by default and resulting in impact to admins and users whose service access was being managed by the affected groups.
Next update by: Monday, February 23, 2026, at 12:30 PM UTC
- 2026-02-06 11:19
Title: Some admins and users managed through Microsoft 365 Groups may be unable to access some Microsoft 365 servicesUser impact: Admins and users managed through Microsoft 365 Groups may be unable to access some Microsoft 365 services.
More info: This issue specifically affects admins and users whose service access is managed by Microsoft 365 Groups that were previously configured with the “SecurityEnabled” setting set to “True”.
While we finalize the deployment of our fix to restore the appropriate configuration for the impacted Microsoft 365 Groups, affected admins can follow the steps below to manually restore the SecurityEnabled property configuration and resolve the impact:
1. Connect to Exchange Online PowerShell with “Connect-ExchangeOnline”, then run the following command to retrieve audit logs specific to this scenario:
$AuditLog = Search-UnifiedAuditLog -Operations “Update group” -StartDate (Get-Date).AddDays(-30) -EndDate (Get-Date) -ResultSize 5000.2. Filter logs matching the issue to gather affected group info by running the following two commands:
$GroupID = $AuditLog | % {ConvertFrom-Json $_.AuditData} | ? {($_.Actor -match “Group Configuration Processor”) -and ($_.ModifiedProperties -match “SecurityEnabled”)} | % {$_.ObjectId -replace “^.*Group_”, “”}
$GroupID | Get-UnifiedGroup -ResultSize Unlimited
3. Connect to Microsoft Graph PowerShell with Connect-MgGraph -Scope “Group.ReadWrite.All” and then run the following command to restore the SecurityEnabled property for the affected groups to True, which should remediate the impact:
$GroupID | % {Update-MgGroup -GroupId $_ -BodyParameter @{SecurityEnabled = $true}}
For further information on how to run Microsoft Graph PowerShell commands and cmdlets or guidance on connecting to Exchange Online through PowerShell, please reference the following documentation:
https://learn.microsoft.com/en-us/powershell/exchange/connect-to-exchange-online-powershell?view=ex…
https://learn.microsoft.com/en-us/powershell/microsoftgraph/authentication-commands?view=graph-powe…
Current status: Our analysis of the aforementioned timeout issues is taking longer than we expected. This is required so we can efficiently resume the deployment on the remaining impacted groups. We’re working to identify options that can accelerate the progress of analyzing timeout issues.
Scope of impact: Admins and users whose service access is managed by Microsoft 365 Groups that were previously configured with the “SecurityEnabled” setting set to “True” may be impacted. This section may be updated as our investigation continues.
Start time: Tuesday, October 7, 2025, at 8:27 AM UTC
Root cause: A recent service operation intended to upgrade our API flow impacted Microsoft 365 Groups that were previously configured to have the “SecurityEnabled” setting enabled, switching this value back to “False” by default and resulting in impact to admins and users whose service access was being managed by the affected groups.
Next update by: Friday, February 20, 2026, at 12:30 PM UTC
- 2026-02-06 06:29
Title: Some admins and users managed through Microsoft 365 Groups may be unable to access some Microsoft 365 servicesUser impact: Admins and users managed through Microsoft 365 Groups may be unable to access some Microsoft 365 services.
More info: This issue specifically affects admins and users whose service access is managed by Microsoft 365 Groups that were previously configured with the “SecurityEnabled” setting set to “True”.
While we finalize the deployment of our fix to restore the appropriate configuration for the impacted Microsoft 365 Groups, affected admins can follow the steps below to manually restore the SecurityEnabled property configuration and resolve the impact:
1. Connect to Exchange Online PowerShell with “Connect-ExchangeOnline”, then run the following command to retrieve audit logs specific to this scenario:
$AuditLog = Search-UnifiedAuditLog -Operations “Update group” -StartDate (Get-Date).AddDays(-30) -EndDate (Get-Date) -ResultSize 5000.2. Filter logs matching the issue to gather affected group info by running the following two commands:
$GroupID = $AuditLog | % {ConvertFrom-Json $_.AuditData} | ? {($_.Actor -match “Group Configuration Processor”) -and ($_.ModifiedProperties -match “SecurityEnabled”)} | % {$_.ObjectId -replace “^.*Group_”, “”}
$GroupID | Get-UnifiedGroup -ResultSize Unlimited
3. Connect to Microsoft Graph PowerShell with Connect-MgGraph -Scope “Group.ReadWrite.All” and then run the following command to restore the SecurityEnabled property for the affected groups to True, which should remediate the impact:
$GroupID | % {Update-MgGroup -GroupId $_ -BodyParameter @{SecurityEnabled = $true}}
For further information on how to run Microsoft Graph PowerShell commands and cmdlets or guidance on connecting to Exchange Online through PowerShell, please reference the following documentation:
https://learn.microsoft.com/en-us/powershell/exchange/connect-to-exchange-online-powershell?view=exchange-ps
https://learn.microsoft.com/en-us/powershell/microsoftgraph/authentication-commands?view=graph-powershell-1.0
Current status: We’re continuing our analysis of the aforementioned timeout issues so we can efficiently resume the deployment on the remaining impacted groups.
Scope of impact: Admins and users whose service access is managed by Microsoft 365 Groups that were previously configured with the “SecurityEnabled” setting set to “True” may be impacted. This section may be updated as our investigation continues.
Start time: Tuesday, October 7, 2025, at 8:27 AM UTC
Root cause: A recent service operation intended to upgrade our API flow impacted Microsoft 365 Groups that were previously configured to have the “SecurityEnabled” setting enabled, switching this value back to “False” by default and resulting in impact to admins and users whose service access was being managed by the affected groups.
Next update by: Friday, February 6, 2026, at 12:30 PM UTC
- 2026-01-30 06:38
Title: Some admins and users managed through Microsoft 365 Groups may be unable to access some Microsoft 365 servicesUser impact: Admins and users managed through Microsoft 365 Groups may be unable to access some Microsoft 365 services.
More info: This issue specifically affects admins and users whose service access is managed by Microsoft 365 Groups that were previously configured with the “SecurityEnabled” setting set to “True”.
While we finalize the deployment of our fix to restore the appropriate configuration for the impacted Microsoft 365 Groups, affected admins can follow the steps below to manually restore the SecurityEnabled property configuration and resolve the impact:
1. Connect to Exchange Online PowerShell with “Connect-ExchangeOnline”, then run the following command to retrieve audit logs specific to this scenario:
$AuditLog = Search-UnifiedAuditLog -Operations “Update group” -StartDate (Get-Date).AddDays(-30) -EndDate (Get-Date) -ResultSize 5000.2. Filter logs matching the issue to gather affected group info by running the following two commands:
$GroupID = $AuditLog | % {ConvertFrom-Json $_.AuditData} | ? {($_.Actor -match “Group Configuration Processor”) -and ($_.ModifiedProperties -match “SecurityEnabled”)} | % {$_.ObjectId -replace “^.*Group_”, “”}
$GroupID | Get-UnifiedGroup -ResultSize Unlimited
3. Connect to Microsoft Graph PowerShell with Connect-MgGraph -Scope “Group.ReadWrite.All” and then run the following command to restore the SecurityEnabled property for the affected groups to True, which should remediate the impact:
$GroupID | % {Update-MgGroup -GroupId $_ -BodyParameter @{SecurityEnabled = $true}}
For further information on how to run Microsoft Graph PowerShell commands and cmdlets or guidance on connecting to Exchange Online through PowerShell, please reference the following documentation:
https://learn.microsoft.com/en-us/powershell/exchange/connect-to-exchange-online-powershell?view=exchange-ps
https://learn.microsoft.com/en-us/powershell/microsoftgraph/authentication-commands?view=graph-powershell-1.0
Current status: We’ve identified that the deployment of the fix has encountered unexpected timeout issues that’s preventing it from fully saturating all impacted Microsoft 365 Groups. While we’ve confirmed that the majority of groups have successfully received the fix, we’re further investigating the timeout issues to identify how we can efficiently resume the deployment on the remaining impacted groups.
Scope of impact: Admins and users whose service access is managed by Microsoft 365 Groups that were previously configured with the “SecurityEnabled” setting set to “True” may be impacted. This section may be updated as our investigation continues.
Start time: Tuesday, October 7, 2025, at 8:27 AM UTC
Root cause: A recent service operation intended to upgrade our API flow impacted Microsoft 365 Groups that were previously configured to have the “SecurityEnabled” setting enabled, switching this value back to “False” by default and resulting in impact to admins and users whose service access was being managed by the affected groups.
Next update by: Friday, February 6, 2026, at 8:00 AM UTC
- 2026-01-23 06:11
Title: Some admins and users managed through Microsoft 365 Groups may be unable to access some Microsoft 365 servicesUser impact: Admins and users managed through Microsoft 365 Groups may be unable to access some Microsoft 365 services.
More info: This issue specifically affects admins and users whose service access is managed by Microsoft 365 Groups that were previously configured with the “SecurityEnabled” setting set to “True”.
While we finalize the deployment of our fix to restore the appropriate configuration for the impacted Microsoft 365 Groups, affected admins can follow the steps below to manually restore the SecurityEnabled property configuration and resolve the impact:
1. Connect to Exchange Online PowerShell with “Connect-ExchangeOnline”, then run the following command to retrieve audit logs specific to this scenario:
$AuditLog = Search-UnifiedAuditLog -Operations “Update group” -StartDate (Get-Date).AddDays(-30) -EndDate (Get-Date) -ResultSize 5000.2. Filter logs matching the issue to gather affected group info by running the following two commands:
$GroupID = $AuditLog | % {ConvertFrom-Json $_.AuditData} | ? {($_.Actor -match “Group Configuration Processor”) -and ($_.ModifiedProperties -match “SecurityEnabled”)} | % {$_.ObjectId -replace “^.*Group_”, “”}
$GroupID | Get-UnifiedGroup -ResultSize Unlimited
3. Connect to Microsoft Graph PowerShell with Connect-MgGraph -Scope “Group.ReadWrite.All” and then run the following command to restore the SecurityEnabled property for the affected groups to True, which should remediate the impact:
$GroupID | % {Update-MgGroup -GroupId $_ -BodyParameter @{SecurityEnabled = $true}}
For further information on how to run Microsoft Graph PowerShell commands and cmdlets or guidance on connecting to Exchange Online through PowerShell, please reference the following documentation:
https://learn.microsoft.com/en-us/powershell/exchange/connect-to-exchange-online-powershell?view=exchange-ps
https://learn.microsoft.com/en-us/powershell/microsoftgraph/authentication-commands?view=graph-powershell-1.0
Current status: The fix deployment is progressing as expected and we’re continuing to monitor as it saturates.
Scope of impact: Admins and users whose service access is managed by Microsoft 365 Groups that were previously configured with the “SecurityEnabled” setting set to “True” may be impacted.
Start time: Tuesday, October 7, 2025, at 8:27 AM UTC
Root cause: A recent service operation intended to upgrade our API flow impacted Microsoft 365 Groups that were previously configured to have the “SecurityEnabled” setting enabled, switching this value back to “False” by default and resulting in impact to admins and users whose service access was being managed by the affected groups.
Next update by: Friday, January 30, 2026, at 8:00 AM UTC
- 2026-01-16 06:19
Title: Some admins and users managed through Microsoft 365 Groups may be unable to access some Microsoft 365 servicesUser impact: Admins and users managed through Microsoft 365 Groups may be unable to access some Microsoft 365 services.
More info: This issue specifically affects admins and users whose service access is managed by Microsoft 365 Groups that were previously configured with the “SecurityEnabled” setting set to “True”.
While we finalize the deployment of our fix to restore the appropriate configuration for the impacted Microsoft 365 Groups, affected admins can follow the steps below to manually restore the SecurityEnabled property configuration and resolve the impact:
1. Connect to Exchange Online PowerShell with “Connect-ExchangeOnline”, then run the following command to retrieve audit logs specific to this scenario:
$AuditLog = Search-UnifiedAuditLog -Operations “Update group” -StartDate (Get-Date).AddDays(-30) -EndDate (Get-Date) -ResultSize 5000.2. Filter logs matching the issue to gather affected group info by running the following two commands:
$GroupID = $AuditLog | % {ConvertFrom-Json $_.AuditData} | ? {($_.Actor -match “Group Configuration Processor”) -and ($_.ModifiedProperties -match “SecurityEnabled”)} | % {$_.ObjectId -replace “^.*Group_”, “”}
$GroupID | Get-UnifiedGroup -ResultSize Unlimited
3. Connect to Microsoft Graph PowerShell with Connect-MgGraph -Scope “Group.ReadWrite.All” and then run the following command to restore the SecurityEnabled property for the affected groups to True, which should remediate the impact:
$GroupID | % {Update-MgGroup -GroupId $_ -BodyParameter @{SecurityEnabled = $true}}
For further information on how to run Microsoft Graph PowerShell commands and cmdlets or guidance on connecting to Exchange Online through PowerShell, please reference the following documentation:
https://learn.microsoft.com/en-us/powershell/exchange/connect-to-exchange-online-powershell?view=exchange-ps
https://learn.microsoft.com/en-us/powershell/microsoftgraph/authentication-commands?view=graph-powershell-1.0
Current status: The deployment of the fix has resumed and we’re monitoring as it saturates for timeout errors and latency issues. We continue to anticipate the fix to complete by the end of January 2026.
Scope of impact: Admins and users whose service access is managed by Microsoft 365 Groups that were previously configured with the “SecurityEnabled” setting set to “True” may be impacted.
Start time: Tuesday, October 7, 2025, at 8:27 AM UTC
Root cause: A recent service operation intended to upgrade our API flow impacted Microsoft 365 Groups that were previously configured to have the “SecurityEnabled” setting enabled, switching this value back to “False” by default and resulting in impact to admins and users whose service access was being managed by the affected groups.
Next update by: Friday, January 23, 2026, at 8:00 AM UTC
- 2026-01-12 07:13
Title: Some admins and users managed through Microsoft 365 Groups may be unable to access some Microsoft 365 servicesUser impact: Admins and users managed through Microsoft 365 Groups may be unable to access some Microsoft 365 services.
More info: This issue specifically affects admins and users whose service access is managed by Microsoft 365 Groups that were previously configured with the “SecurityEnabled” setting set to “True”.
While we finalize the deployment of our fix to restore the appropriate configuration for the impacted Microsoft 365 Groups, affected admins can follow the steps below to manually restore the SecurityEnabled property configuration and resolve the impact:
1. Connect to Exchange Online PowerShell with “Connect-ExchangeOnline”, then run the following command to retrieve audit logs specific to this scenario:
$AuditLog = Search-UnifiedAuditLog -Operations “Update group” -StartDate (Get-Date).AddDays(-30) -EndDate (Get-Date) -ResultSize 5000.2. Filter logs matching the issue to gather affected group info by running the following two commands:
$GroupID = $AuditLog | % {ConvertFrom-Json $_.AuditData} | ? {($_.Actor -match “Group Configuration Processor”) -and ($_.ModifiedProperties -match “SecurityEnabled”)} | % {$_.ObjectId -replace “^.*Group_”, “”}
$GroupID | Get-UnifiedGroup -ResultSize Unlimited
3. Connect to Microsoft Graph PowerShell with Connect-MgGraph -Scope “Group.ReadWrite.All” and then run the following command to restore the SecurityEnabled property for the affected groups to True, which should remediate the impact:
$GroupID | % {Update-MgGroup -GroupId $_ -BodyParameter @{SecurityEnabled = $true}}
For further information on how to run Microsoft Graph PowerShell commands and cmdlets or guidance on connecting to Exchange Online through PowerShell, please reference the following documentation:
https://learn.microsoft.com/en-us/powershell/exchange/connect-to-exchange-online-powershell?view=exchange-ps
https://learn.microsoft.com/en-us/powershell/microsoftgraph/authentication-commands?view=graph-powershell-1.0
Current status: While monitoring the deployment of the fix, we’ve identified an increase in timeout errors and latency that’s preventing some groups from successfully receiving the fix. We’ve halted the deployment and are actively working to resolve the timeout issues occurring on a subset of affected groups. Once the deployment resumes, we’ll continue to closely monitor and resolve any timeout or latency issues groups encounter before proceeding with the deployment to ensure the issue is fully resolved. Due to the complexity of the issue, we expect it may take until the end of January 2026 for all affected groups to be fixed, and we anticipate users in affected groups will experience remediation incrementally while the deployment progresses.
Scope of impact: Admins and users whose service access is managed by Microsoft 365 Groups that were previously configured with the “SecurityEnabled” setting set to “True” may be impacted.
Start time: Tuesday, October 7, 2025, at 8:27 AM UTC
Root cause: A recent service operation intended to upgrade our API flow impacted Microsoft 365 Groups that were previously configured to have the “SecurityEnabled” setting enabled, switching this value back to “False” by default and resulting in impact to admins and users whose service access was being managed by the affected groups.
Next update by: Friday, January 16, 2026, at 8:00 AM UTC
- 2026-01-10 06:05
Title: Some admins and users managed through Microsoft 365 Groups may be unable to access some Microsoft 365 servicesUser impact: Admins and users managed through Microsoft 365 Groups may be unable to access some Microsoft 365 services.
More info: This issue specifically affects admins and users whose service access is managed by Microsoft 365 Groups that were previously configured with the “SecurityEnabled” setting set to “True”.
While we finalize the deployment of our fix to restore the appropriate configuration for the impacted Microsoft 365 Groups, affected admins can follow the steps below to manually restore the SecurityEnabled property configuration and resolve the impact:
1. Connect to Exchange Online PowerShell with “Connect-ExchangeOnline”, then run the following command to retrieve audit logs specific to this scenario:
$AuditLog = Search-UnifiedAuditLog -Operations “Update group” -StartDate (Get-Date).AddDays(-30) -EndDate (Get-Date) -ResultSize 5000.2. Filter logs matching the issue to gather affected group info by running the following two commands:
$GroupID = $AuditLog | % {ConvertFrom-Json $_.AuditData} | ? {($_.Actor -match “Group Configuration Processor”) -and ($_.ModifiedProperties -match “SecurityEnabled”)} | % {$_.ObjectId -replace “^.*Group_”, “”}
$GroupID | Get-UnifiedGroup -ResultSize Unlimited
3. Connect to Microsoft Graph PowerShell with Connect-MgGraph -Scope “Group.ReadWrite.All” and then run the following command to restore the SecurityEnabled property for the affected groups to True, which should remediate the impact:
$GroupID | % {Update-MgGroup -GroupId $_ -BodyParameter @{SecurityEnabled = $true}}
For further information on how to run Microsoft Graph PowerShell commands and cmdlets or guidance on connecting to Exchange Online through PowerShell, please reference the following documentation:
https://learn.microsoft.com/en-us/powershell/exchange/connect-to-exchange-online-powershell?view=exchange-ps
https://learn.microsoft.com/en-us/powershell/microsoftgraph/authentication-commands?view=graph-powershell-1.0
Current status: Through further analysis and investigation, we’ve clarified that a recent service operation intended to upgrade our API flow impacted Microsoft 365 Groups that were previously configured to have the “SecurityEnabled” setting enabled, switching this value back to “False” by default and resulting in impact to admins and users whose service access was being managed by the affected groups. We’re finalizing the rollout of our fix to restore the impacted groups and anticipate the remaining impact may be remediated by the time of our next scheduled update.
Scope of impact: Admins and users whose service access is managed by Microsoft 365 Groups that were previously configured with the “SecurityEnabled” setting set to “True” may be impacted.
Start time: Tuesday, October 7, 2025, at 8:27 AM UTC
Root cause: A recent service operation intended to upgrade our API flow impacted Microsoft 365 Groups that were previously configured to have the “SecurityEnabled” setting enabled, switching this value back to “False” by default and resulting in impact to admins and users whose service access was being managed by the affected groups.
Next update by: Monday, January 12, 2026, at 8:00 AM UTC
- 2026-01-09 20:13
Title: Some admins or users may be unable to access multiple Microsoft 365 servicesUser impact: Admins or users may be unable to access multiple Microsoft 365 services.
More info: This specifically impacts Microsoft 365 services that have the SecurityEnabled property changed to False by the Group Configuration Processor.
While we work on deploying our fix to update the SecurityEnabled property from False to True, admins can run the following cmdlets to mitigate the impact.
1. Connect to Exchange Online PowerShell with “Connect-ExchangeOnline”.
Reference: https://learn.microsoft.com/en-us/powershell/exchange/connect-to-exchange-online-powershell?view=exchange-ps
2. Run Search-UnifiedAuditLog and retrieve audit logs:
$AuditLog = Search-UnifiedAuditLog -Operations “Update group” -StartDate (Get-Date).AddDays(-30) -EndDate (Get-Date) -ResultSize 5000
3. Filter logs matching the issue and replace “Group_” in ObjectID:
$GroupID = $AuditLog | % {ConvertFrom-Json $_.AuditData} | ? {($_.Actor -match “Group Configuration Processor”) -and ($_.ModifiedProperties -match “SecurityEnabled”)} | % {$_.ObjectId -replace “^.*Group_”, “”}
* Because ObjectID from UnifiedAuditLog starts with “Group_”, it cannot be used directly with Get-UnifiedGroup.
4. You can verify each group info to see which ones were affected with the following command:
$GroupID | Get-UnifiedGroup -ResultSize Unlimited
5. Connect to Microsoft Graph PowerShell with Connect-MgGraph -Scope “Group.ReadWrite.All”.
Reference: https://learn.microsoft.com/en-us/powershell/microsoftgraph/authentication-commands?view=graph-powershell-1.0
6. Update SecurityEnabled to True:
$GroupID | % {Update-MgGroup -GroupId $_ -BodyParameter @{SecurityEnabled = $true}}
Current status: While we monitor the fix deployment as it completes, we’ve updated the “More info” section to correct an incomplete URL which was shared under step 5. Additionally, we’ll provide further clarifying information regarding which specific services are impacted by this event as this information becomes available.
Scope of impact: Any admin or users attempting to access any Microsoft 365 services with the Microsoft 365 Group SecurityEnabled set to false may be impacted. This section may be updated as our investigation continues.
Start time: Tuesday, October 7, 2025, at 8:27 AM UTC
Root cause: A recent change caused a misconfiguration, which led to the Microsoft 365 Group SecurityEnabled being changed to false as default, resulting in impact.
Next update by: Saturday, January 10, 2026, at 6:30 AM UTC
- 2026-01-05 06:25
Title: Some admins or users may be unable to access multiple Microsoft 365 servicesUser impact: Admins or users may be unable to access multiple Microsoft 365 services.
More info: This specifically impacts Microsoft 365 services that have the SecurityEnabled property changed to False by the Group Configuration Processor.
While we work on deploying our fix to update the SecurityEnabled property from False to True, admins can run the following cmdlets to mitigate the impact.
1. Connect to Exchange Online PowerShell with “Connect-ExchangeOnline”.
Reference: https://learn.microsoft.com/en-us/powershell/exchange/connect-to-exchange-online-powershell?view=exchange-ps2. Run Search-UnifiedAuditLog and retrieve audit logs:
$AuditLog = Search-UnifiedAuditLog -Operations “Update group” -StartDate (Get-Date).AddDays(-30) -EndDate (Get-Date) -ResultSize 50003. Filter logs matching the issue and replace “Group_” in ObjectID:
$GroupID = $AuditLog | % {ConvertFrom-Json $_.AuditData} | ? {($_.Actor -match “Group Configuration Processor”) -and ($_.ModifiedProperties -match “SecurityEnabled”)} | % {$_.ObjectId -replace “^.*Group_”, “”}
* Because ObjectID from UnifiedAuditLog starts with “Group_”, it cannot be used directly with Get-UnifiedGroup.4. You can verify each group info to see which ones were affected with the following command:
$GroupID | Get-UnifiedGroup -ResultSize Unlimited5. Connect to Microsoft Graph PowerShell with Connect-MgGraph -Scope “Group.ReadWrite.All”.
Reference: https://learn.microsoft.com/en-us/powershell/microsoftgraph/authentication-commands?view=graph-powe…6. Update SecurityEnabled to True:
$GroupID | % {Update-MgGroup -GroupId $_ -BodyParameter @{SecurityEnabled = $true}}Current status: We’ve deployed the fix to one of the affected environments and have seen some initial recovery. We’re continuing to monitor as the deployment saturates the remaining impacted environments, which we expect to be fully deployed and the impact remediated by our next scheduled update.
Scope of impact: Any admin or users attempting to access any Microsoft 365 services with the Microsoft 365 Group SecurityEnabled set to false may be impacted. This section may be updated as our investigation continues.
Start time: Tuesday, October 7, 2025, at 8:27 AM UTC
Root cause: A recent change caused a misconfiguration, which led to the Microsoft 365 Group SecurityEnabled being changed to false as default, resulting in impact.
Next update by: Monday, January 12, 2026, at 8:00 AM UTC
- 2025-12-29 06:51
Title: Some admins or users may be unable to access multiple Microsoft 365 servicesUser impact: Admins or users may be unable to access multiple Microsoft 365 services.
More info: This specifically impacts Microsoft 365 services that have the SecurityEnabled property changed to False by the Group Configuration Processor.
While we work on deploying our fix to update the SecurityEnabled property from False to True, admins can run the following cmdlets to mitigate the impact.
1. Connect to Exchange Online PowerShell with “Connect-ExchangeOnline”.
Reference: https://learn.microsoft.com/en-us/powershell/exchange/connect-to-exchange-online-powershell?view=exchange-ps2. Run Search-UnifiedAuditLog and retrieve audit logs:
$AuditLog = Search-UnifiedAuditLog -Operations “Update group” -StartDate (Get-Date).AddDays(-30) -EndDate (Get-Date) -ResultSize 50003. Filter logs matching the issue and replace “Group_” in ObjectID:
$GroupID = $AuditLog | % {ConvertFrom-Json $_.AuditData} | ? {($_.Actor -match “Group Configuration Processor”) -and ($_.ModifiedProperties -match “SecurityEnabled”)} | % {$_.ObjectId -replace “^.*Group_”, “”}
* Because ObjectID from UnifiedAuditLog starts with “Group_”, it cannot be used directly with Get-UnifiedGroup.4. You can verify each group info to see which ones were affected with the following command:
$GroupID | Get-UnifiedGroup -ResultSize Unlimited5. Connect to Microsoft Graph PowerShell with Connect-MgGraph -Scope “Group.ReadWrite.All”.
Reference: https://learn.microsoft.com/en-us/powershell/microsoftgraph/authentication-commands?view=graph-powe…6. Update SecurityEnabled to True:
$GroupID | % {Update-MgGroup -GroupId $_ -BodyParameter @{SecurityEnabled = $true}}Current status: We can confirm that the deployment has completed for our internal testing environment and that we are now moving forward with deploying the fix to the remaining affected environments upon final validations.
Scope of impact: Any admin or users attempting to access any Microsoft 365 services with the Microsoft 365 Group SecurityEnabled set to false may be impacted. This section may be updated as our investigation continues.
Start time: Tuesday, October 7, 2025, at 8:27 AM UTC
Root cause: A recent change caused a misconfiguration, which led to the Microsoft 365 Group SecurityEnabled being changed to false as default, resulting in impact.
Next update by: Monday, January 5, 2026, at 8:00 AM UTC
- 2025-12-19 06:02
Title: Some admins or users may be unable to access multiple Microsoft 365 servicesUser impact: Admins or users may be unable to access multiple Microsoft 365 services.
More info: This specifically impacts Microsoft 365 services that have the SecurityEnabled property changed to False by the Group Configuration Processor.
While we work on deploying our fix to update the SecurityEnabled property from False to True, admins can run the following cmdlets to mitigate the impact.
1. Connect to Exchange Online PowerShell with “Connect-ExchangeOnline”.
Reference: https://learn.microsoft.com/en-us/powershell/exchange/connect-to-exchange-online-powershell?view=exchange-ps2. Run Search-UnifiedAuditLog and retrieve audit logs:
$AuditLog = Search-UnifiedAuditLog -Operations “Update group” -StartDate (Get-Date).AddDays(-30) -EndDate (Get-Date) -ResultSize 50003. Filter logs matching the issue and replace “Group_” in ObjectID:
$GroupID = $AuditLog | % {ConvertFrom-Json $_.AuditData} | ? {($_.Actor -match “Group Configuration Processor”) -and ($_.ModifiedProperties -match “SecurityEnabled”)} | % {$_.ObjectId -replace “^.*Group_”, “”}
* Because ObjectID from UnifiedAuditLog starts with “Group_”, it cannot be used directly with Get-UnifiedGroup.4. You can verify each group info to see which ones were affected with the following command:
$GroupID | Get-UnifiedGroup -ResultSize Unlimited5. Connect to Microsoft Graph PowerShell with Connect-MgGraph -Scope “Group.ReadWrite.All”.
Reference: https://learn.microsoft.com/en-us/powershell/microsoftgraph/authentication-commands?view=graph-powe…6. Update SecurityEnabled to True:
$GroupID | % {Update-MgGroup -GroupId $_ -BodyParameter @{SecurityEnabled = $true}}Current status: We’ve completed the validation of our fix in our internal testing environment and are initiating the roll out of the fix to all affected environments. We’ll provide a timeline for full deployment and remediation as it becomes available.
Scope of impact: Any admin or users attempting to access any Microsoft 365 services with the Microsoft 365 Group SecurityEnabled set to false may be impacted. This section may be updated as our investigation continues.
Start time: Tuesday, October 7, 2025, at 8:27 AM UTC
Root cause: A recent change caused a misconfiguration, which led to the Microsoft 365 Group SecurityEnabled being changed to false as default, resulting in impact.
Next update by: Monday, December 29, 2025, at 7:30 AM UTC
- 2025-12-15 06:31
Title: Some admins or users may be unable to access multiple Microsoft 365 servicesUser impact: Admins or users may be unable to access multiple Microsoft 365 services.
More info: This specifically impacts Microsoft 365 services that have the SecurityEnabled property changed to False by the Group Configuration Processor.
While we work on deploying our fix to update the SecurityEnabled property from False to True, admins can run the following cmdlets to mitigate the impact.
1. Connect to Exchange Online PowerShell with “Connect-ExchangeOnline”.
Reference: https://learn.microsoft.com/en-us/powershell/exchange/connect-to-exchange-online-powershell?view=exchange-ps
2. Run Search-UnifiedAuditLog and retrieve audit logs:
$AuditLog = Search-UnifiedAuditLog -Operations “Update group” -StartDate (Get-Date).AddDays(-30) -EndDate (Get-Date) -ResultSize 5000
3. Filter logs matching the issue and replace “Group_” in ObjectID:
$GroupID = $AuditLog | % {ConvertFrom-Json $_.AuditData} | ? {($_.Actor -match “Group Configuration Processor”) -and ($_.ModifiedProperties -match “SecurityEnabled”)} | % {$_.ObjectId -replace “^.*Group_”, “”}
* Because ObjectID from UnifiedAuditLog starts with “Group_”, it cannot be used directly with Get-UnifiedGroup.
4. You can verify each group info to see which ones were affected with the following command:
$GroupID | Get-UnifiedGroup -ResultSize Unlimited
5. Connect to Microsoft Graph PowerShell with Connect-MgGraph -Scope “Group.ReadWrite.All”.
Reference: https://learn.microsoft.com/en-us/powershell/microsoftgraph/authentication-commands?view=graph-powe…
6. Update SecurityEnabled to True:$GroupID | % {Update-MgGroup -GroupId $_ -BodyParameter @{SecurityEnabled = $true}}
Current status: The deployment of the initial fix has completed, though we’ve identified a secondary deployment is needed to ensure the impact is fully remediated. We’ve started deploying the secondary fix to our internal testing environment, and we’ll aim to provide a resolution timeline by our next scheduled update.
Scope of impact: Any admin or users attempting to access any Microsoft 365 services with the Microsoft 365 Group SecurityEnabled set to false may be impacted.
Start time: Tuesday, October 7, 2025, at 8:27 AM UTC
Root cause: A recent change caused a misconfiguration, which led to the Microsoft 365 Group SecurityEnabled being changed to false as default, resulting in impact.
Next update by: Friday, December 19, 2025, at 7:30 AM UTC
- 2025-12-08 08:27
Title: Some admins or users may be unable to access multiple Microsoft 365 servicesUser impact: Admins or users may be unable to access multiple Microsoft 365 services.
More info: This specifically impacts Microsoft 365 services that have the SecurityEnabled property changed to False by the Group Configuration Processor.
While we work on deploying our fix to update the SecurityEnabled property from False to True, admins can run the following cmdlets to mitigate the impact.
1. Connect to Exchange Online PowerShell with “Connect-ExchangeOnline”.
Reference: https://learn.microsoft.com/en-us/powershell/exchange/connect-to-exchange-online-powershell?view=exchange-ps
2. Run Search-UnifiedAuditLog and retrieve audit logs:
$AuditLog = Search-UnifiedAuditLog -Operations “Update group” -StartDate (Get-Date).AddDays(-30) -EndDate (Get-Date) -ResultSize 5000
3. Filter logs matching the issue and replace “Group_” in ObjectID:
$GroupID = $AuditLog | % {ConvertFrom-Json $_.AuditData} | ? {($_.Actor -match “Group Configuration Processor”) -and ($_.ModifiedProperties -match “SecurityEnabled”)} | % {$_.ObjectId -replace “^.*Group_”, “”}
* Because ObjectID from UnifiedAuditLog starts with “Group_”, it cannot be used directly with Get-UnifiedGroup.
4. You can verify each group info to see which ones were affected with the following command:
$GroupID | Get-UnifiedGroup -ResultSize Unlimited
5. Connect to Microsoft Graph PowerShell with Connect-MgGraph -Scope “Group.ReadWrite.All”.
Reference: https://learn.microsoft.com/en-us/powershell/microsoftgraph/authentication-commands?view=graph-powe…
6. Update SecurityEnabled to True:$GroupID | % {Update-MgGroup -GroupId $_ -BodyParameter @{SecurityEnabled = $true}}
Current status: The deployment of the fix is ongoing and is expected to complete by Monday, December 15, 2025.
Scope of impact: Any admin or users attempting to access any Microsoft 365 services with the Microsoft 365 Group SecurityEnabled set to false may be impacted.
Start time: Tuesday, October 7, 2025, at 8:27 AM UTC
Estimated time to resolve: Monday, December 15, 2025
Root cause: A recent change caused a misconfiguration, which led to the Microsoft 365 Group SecurityEnabled being changed to false as default, resulting in impact.
Next update by: Monday, December 15, 2025, at 7:30 AM UTC
- 2025-12-05 15:14
Title: Some admins or users may be unable to access multiple Microsoft 365 servicesUser impact: Admins or users may be unable to access multiple Microsoft 365 services.
More info: This specifically impacts Microsoft 365 services that have the SecurityEnabled property changed to False by the Group Configuration Processor.
While we work on deploying our fix to update the SecurityEnabled property from False to True, admins can run the following cmdlets to mitigate the impact.
1. Connect to Exchange Online PowerShell with “Connect-ExchangeOnline”.
Reference: https://learn.microsoft.com/en-us/powershell/exchange/connect-to-exchange-online-powershell?view=exchange-ps
2. Run Search-UnifiedAuditLog and retrieve audit logs:
$AuditLog = Search-UnifiedAuditLog -Operations “Update group” -StartDate (Get-Date).AddDays(-30) -EndDate (Get-Date) -ResultSize 5000
3. Filter logs matching the issue and replace “Group_” in ObjectID:
$GroupID = $AuditLog | % {ConvertFrom-Json $_.AuditData} | ? {($_.Actor -match “Group Configuration Processor”) -and ($_.ModifiedProperties -match “SecurityEnabled”)} | % {$_.ObjectId -replace “^.*Group_”, “”}
* Because ObjectID from UnifiedAuditLog starts with “Group_”, it cannot be used directly with Get-UnifiedGroup.
4. You can verify each group info to see which ones were affected with the following command:
$GroupID | Get-UnifiedGroup -ResultSize Unlimited
5. Connect to Microsoft Graph PowerShell with Connect-MgGraph -Scope “Group.ReadWrite.All”.
Reference: https://learn.microsoft.com/en-us/powershell/microsoftgraph/authentication-commands?view=graph-powe…
6. Update SecurityEnabled to True:$GroupID | % {Update-MgGroup -GroupId $_ -BodyParameter @{SecurityEnabled = $true}}
Current status: We’re continuing to deploy the fix and will share a completion timeline when one becomes available.
Scope of impact: Any admin or users attempting to access any Microsoft 365 services with the Microsoft 365 Group SecurityEnabled set to false may be impacted.
Start time: Tuesday, October 7, 2025, at 8:27 AM UTC
Root cause: A recent change caused a misconfiguration, which led to the Microsoft 365 Group SecurityEnabled being changed to false as default, resulting in impact.
Next update by: Monday, December 8, 2025, at 1:00 PM UTC
- 2025-11-28 15:22
Title: Some admins or users may be unable to access multiple Microsoft 365 servicesUser impact: Admins or users may be unable to access multiple Microsoft 365 services.
More info: This specifically impacts Microsoft 365 services that have the SecurityEnabled property changed to False by the Group Configuration Processor.
While we work on deploying our fix to update the SecurityEnabled property from False to True, admins can run the following cmdlets to mitigate the impact.
1. Connect to Exchange Online PowerShell with “Connect-ExchangeOnline”.
Reference: https://learn.microsoft.com/en-us/powershell/exchange/connect-to-exchange-online-powershell?view=exchange-ps
2. Run Search-UnifiedAuditLog and retrieve audit logs:
$AuditLog = Search-UnifiedAuditLog -Operations “Update group” -StartDate (Get-Date).AddDays(-30) -EndDate (Get-Date) -ResultSize 5000
3. Filter logs matching the issue and replace “Group_” in ObjectID:
$GroupID = $AuditLog | % {ConvertFrom-Json $_.AuditData} | ? {($_.Actor -match “Group Configuration Processor”) -and ($_.ModifiedProperties -match “SecurityEnabled”)} | % {$_.ObjectId -replace “^.*Group_”, “”}
* Because ObjectID from UnifiedAuditLog starts with “Group_”, it cannot be used directly with Get-UnifiedGroup.
4. You can verify each group info to see which ones were affected with the following command:
$GroupID | Get-UnifiedGroup -ResultSize Unlimited
5. Connect to Microsoft Graph PowerShell with Connect-MgGraph -Scope “Group.ReadWrite.All”.
Reference: https://learn.microsoft.com/en-us/powershell/microsoftgraph/authentication-commands?view=graph-powe…
6. Update SecurityEnabled to True:$GroupID | % {Update-MgGroup -GroupId $_ -BodyParameter @{SecurityEnabled = $true}}
Current status: We’ve deployed a part of the fix and have also successfully tested the remaining part of the fix which is being deployed to the affected infrastructure. We anticipate that this should complete by our next scheduled update.
Scope of impact: Any admin or users attempting to access any Microsoft 365 services with the Microsoft 365 Group SecurityEnabled set to false may be impacted.
Start time: Tuesday, October 7, 2025, at 8:27 AM UTC
Estimated time to resolve: Friday, December 5, 2025
Root cause: A recent change caused a misconfiguration, which led to the Microsoft 365 Group SecurityEnabled being changed to false as default, resulting in impact.
Next update by: Friday, December 5, 2025, at 3:30 PM UTC
- 2025-11-21 15:22
Title: Some admins or users may be unable to access multiple Microsoft 365 servicesUser impact: Admins or users may be unable to access multiple Microsoft 365 services.
More info: This specifically impacts Microsoft 365 services that have the SecurityEnabled property changed to False by the Group Configuration Processor.
While we work on deploying our fix to update the SecurityEnabled property from False to True, admins can run the following cmdlets to mitigate the impact.
1. Connect to Exchange Online PowerShell with “Connect-ExchangeOnline”.
Reference: https://learn.microsoft.com/en-us/powershell/exchange/connect-to-exchange-online-powershell?view=exchange-ps
2. Run Search-UnifiedAuditLog and retrieve audit logs:
$AuditLog = Search-UnifiedAuditLog -Operations “Update group” -StartDate (Get-Date).AddDays(-30) -EndDate (Get-Date) -ResultSize 5000
3. Filter logs matching the issue and replace “Group_” in ObjectID:
$GroupID = $AuditLog | % {ConvertFrom-Json $_.AuditData} | ? {($_.Actor -match “Group Configuration Processor”) -and ($_.ModifiedProperties -match “SecurityEnabled”)} | % {$_.ObjectId -replace “^.*Group_”, “”}
* Because ObjectID from UnifiedAuditLog starts with “Group_”, it cannot be used directly with Get-UnifiedGroup.
4. You can verify each group info to see which ones were affected with the following command:
$GroupID | Get-UnifiedGroup -ResultSize Unlimited
5. Connect to Microsoft Graph PowerShell with Connect-MgGraph -Scope “Group.ReadWrite.All”.
Reference: https://learn.microsoft.com/en-us/powershell/microsoftgraph/authentication-commands?view=graph-powe…
6. Update SecurityEnabled to True:$GroupID | % {Update-MgGroup -GroupId $_ -BodyParameter @{SecurityEnabled = $true}}
Current status: We’ve validated a part of the fix which is ready to be deployed, and the remaining part of the fix is under review to be tested prior to deploying it to the affected infrastructure. We anticipate to provide the estimated deployment time line by our next scheduled update.
Scope of impact: Any admin or users attempting to access any Microsoft 365 services with the Microsoft 365 Group SecurityEnabled set to false may be impacted.
Start time: Tuesday, October 7, 2025, at 8:27 AM UTC
Root cause: A recent change caused a misconfiguration, which led to the Microsoft 365 Group SecurityEnabled being changed to false as default, resulting in impact.
Next update by: Friday, November 28, 2025, at 3:30 PM UTC
- 2025-11-14 14:09
Title: Some admins or users may be unable to access multiple Microsoft 365 servicesUser impact: Admins or users may be unable to access multiple Microsoft 365 services.
More info: This specifically impacts Microsoft 365 services that have the SecurityEnabled property changed to False by the Group Configuration Processor.
While we work on deploying our fix to update the SecurityEnabled property from False to True, admins can run the following cmdlets to mitigate the impact.
1. Connect to Exchange Online PowerShell with “Connect-ExchangeOnline”.Reference: https://learn.microsoft.com/en-us/powershell/exchange/connect-to-exchange-online-powershell?view=exchange-ps
2. Run Search-UnifiedAuditLog and retrieve audit logs:
$AuditLog = Search-UnifiedAuditLog -Operations “Update group” -StartDate (Get-Date).AddDays(-30) -EndDate (Get-Date) -ResultSize 5000
3. Filter logs matching the issue and replace “Group_” in ObjectID:
$GroupID = $AuditLog | % {ConvertFrom-Json $_.AuditData} | ? {($_.Actor -match “Group Configuration Processor”) -and ($_.ModifiedProperties -match “SecurityEnabled”)} | % {$_.ObjectId -replace “^.*Group_”, “”}
* Because ObjectID from UnifiedAuditLog starts with “Group_”, it cannot be used directly with Get-UnifiedGroup.
4. You can verify each group info to see which ones were affected with the following command:
$GroupID | Get-UnifiedGroup -ResultSize Unlimited
5. Connect to Microsoft Graph PowerShell with Connect-MgGraph -Scope “Group.ReadWrite.All”.
Reference: https://learn.microsoft.com/en-us/powershell/microsoftgraph/authentication-commands?view=graph-powe…
6. Update SecurityEnabled to True:$GroupID | % {Update-MgGroup -GroupId $_ -BodyParameter @{SecurityEnabled = $true}}
Current status: We’ve developed the aforementioned fix to address the impact. We’re now conducting a validation and testing process to ensure the effectiveness of the fix prior to deploying it to the affected infrastructure. We expect to share an estimated deployment time line by our next scheduled update.
Scope of impact: Any admin or users attempting to access any Microsoft 365 services with the Microsoft 365 Group SecurityEnabled set to false may be impacted.
Start time: Tuesday, October 7, 2025, at 8:27 AM UTC
Root cause: A recent change caused a misconfiguration, which led to the Microsoft 365 Group SecurityEnabled being changed to false as default, resulting in impact.
Next update by: Friday, November 21, 2025, at 3:30 PM UTC
- 2025-11-07 14:03
Title: Some admins or users may be unable to access multiple Microsoft 365 servicesUser impact: Admins or users may be unable to access multiple Microsoft 365 services.
More info: This specifically impacts Microsoft 365 services that have the SecurityEnabled property changed to False by the Group Configuration Processor.
While we work on deploying our fix to update the SecurityEnabled property from False to True, admins can run the following cmdlets to mitigate the impact.
1. Connect to Exchange Online PowerShell with “Connect-ExchangeOnline”.
Reference: https://learn.microsoft.com/en-us/powershell/exchange/connect-to-exchange-online-powershell?view=exchange-ps
2. Run Search-UnifiedAuditLog and retrieve audit logs:
$AuditLog = Search-UnifiedAuditLog -Operations “Update group” -StartDate (Get-Date).AddDays(-30) -EndDate (Get-Date) -ResultSize 5000
3. Filter logs matching the issue and replace “Group_” in ObjectID:
$GroupID = $AuditLog | % {ConvertFrom-Json $_.AuditData} | ? {($_.Actor -match “Group Configuration Processor”) -and ($_.ModifiedProperties -match “SecurityEnabled”)} | % {$_.ObjectId -replace “^.*Group_”, “”}
* Because ObjectID from UnifiedAuditLog starts with “Group_”, it cannot be used directly with Get-UnifiedGroup.
4. You can verify each group info to see which ones were affected with the following command:
$GroupID | Get-UnifiedGroup -ResultSize Unlimited
5. Connect to Microsoft Graph PowerShell with Connect-MgGraph -Scope “Group.ReadWrite.All”.
Reference: https://learn.microsoft.com/en-us/powershell/microsoftgraph/authentication-commands?view=graph-powe…
6. Update SecurityEnabled to True:
$GroupID | % {Update-MgGroup -GroupId $_ -BodyParameter @{SecurityEnabled = $true}}
Current status: We’re proceeding to develop a fix to address the impact and will begin testing once development is complete to ensure effectiveness before deployment. We expect to share an estimated completion time by our next scheduled update.
Scope of impact: Any admin or users attempting to access any Microsoft 365 services with the Microsoft 365 Group SecurityEnabled set to false may be impacted.
Start time: Tuesday, October 7, 2025, at 8:27 AM UTC
Root cause: A recent change caused a misconfiguration, which led to the Microsoft 365 Group SecurityEnabled being changed to false as default, resulting in impact.
Next update by: Friday, November 14, 2025, at 3:30 PM UTC
- 2025-11-03 14:42
Title: Some admins or users may be unable to access multiple Microsoft 365 servicesUser impact: Admins or users may be unable to access multiple Microsoft 365 services.
More info: This specifically impacts Microsoft 365 services that have the SecurityEnabled property changed to False by the Group Configuration Processor.
While we work on deploying our fix to update the SecurityEnabled property from False to True, admins can run the following cmdlets to mitigate the impact.
1. Connect to Exchange Online PowerShell with “Connect-ExchangeOnline”.
Reference: https://learn.microsoft.com/en-us/powershell/exchange/connect-to-exchange-online-powershell?view=exchange-ps
2. Run Search-UnifiedAuditLog and retrieve audit logs:
$AuditLog = Search-UnifiedAuditLog -Operations “Update group” -StartDate (Get-Date).AddDays(-30) -EndDate (Get-Date) -ResultSize 5000
3. Filter logs matching the issue and replace “Group_” in ObjectID:
$GroupID = $AuditLog | % {ConvertFrom-Json $_.AuditData} | ? {($_.Actor -match “Group Configuration Processor”) -and ($_.ModifiedProperties -match “SecurityEnabled”)} | % {$_.ObjectId -replace “^.*Group_”, “”}
* Because ObjectID from UnifiedAuditLog starts with “Group_”, it cannot be used directly with Get-UnifiedGroup.
4. You can verify each group info to see which ones were affected with the following command:
$GroupID | Get-UnifiedGroup -ResultSize Unlimited
5. Connect to Microsoft Graph PowerShell with Connect-MgGraph -Scope “Group.ReadWrite.All”.
Reference: https://learn.microsoft.com/en-us/powershell/microsoftgraph/authentication-commands?view=graph-powershell-1.0
6. Update SecurityEnabled to True:
$GroupID | % {Update-MgGroup -GroupId $_ -BodyParameter @{SecurityEnabled = $true}}
Current status: Our development of the fix in ongoing and we’ll share a completion timeline when one becomes available. Whilst we work on developing our fix to update the SecurityEnabled property from False to True, admins can continue using the cmdlets shared in the “More info” section to remediate the impact.
Scope of impact: Any admin or users attempting to access any Microsoft 365 services with the Microsoft 365 Group SecurityEnabled set to false may be impacted.
Start time: Tuesday, October 7, 2025, at 8:27 AM UTC
Root cause: A recent change caused a misconfiguration, which led to the Microsoft 365 Group SecurityEnabled being changed to false as default, resulting in impact.
Next update by: Friday, November 7, 2025, at 3:30 PM UTC
- 2025-10-27 15:01
Title: Some admins or users may be unable to access multiple Microsoft 365 servicesUser impact: Admins or users may be unable to access multiple Microsoft 365 services.
More info: This specifically impacts Microsoft 365 services that have the SecurityEnabled property changed to False by the Group Configuration Processor.
While we work on deploying our fix to update the SecurityEnabled property from False to True, admins can run the following cmdlets to mitigate the impact.
1. Connect to Exchange Online PowerShell with “Connect-ExchangeOnline”.
Reference: https://learn.microsoft.com/en-us/powershell/exchange/connect-to-exchange-online-powershell?view=exchange-ps
2. Run Search-UnifiedAuditLog and retrieve audit logs:
$AuditLog = Search-UnifiedAuditLog -Operations “Update group” -StartDate (Get-Date).AddDays(-30) -EndDate (Get-Date) -ResultSize 5000
3. Filter logs matching the issue and replace “Group_” in ObjectID:
$GroupID = $AuditLog | % {ConvertFrom-Json $_.AuditData} | ? {($_.Actor -match “Group Configuration Processor”) -and ($_.ModifiedProperties -match “SecurityEnabled”)} | % {$_.ObjectId -replace “^.*Group_”, “”}
* Because ObjectID from UnifiedAuditLog starts with “Group_”, it cannot be used directly with Get-UnifiedGroup.
4. You can verify each group info to see which ones were affected with the following command:
$GroupID | Get-UnifiedGroup -ResultSize Unlimited
5. Connect to Microsoft Graph PowerShell with Connect-MgGraph -Scope “Group.ReadWrite.All”.
Reference: https://learn.microsoft.com/en-us/powershell/microsoftgraph/authentication-commands?view=graph-powershell-1.0
6. Update SecurityEnabled to True:
$GroupID | % {Update-MgGroup -GroupId $_ -BodyParameter @{SecurityEnabled = $true}}
Current status: We’re continuing to develop and validate our fix, designed to update the SecurityEnabled property from False to True, and we expect the validations and deployment to complete in two to three weeks. We’ll provide an updated deployment timeline as one becomes available. While we work on deploying our fix to update the SecurityEnabled property from False to True, admins can use the cmdlets shared in the “More info” section to remediate the impact.
Scope of impact: Any admin or users attempting to access any Microsoft 365 services with the Microsoft 365 Group SecurityEnabled set to false may be impacted.
Start time: Tuesday, October 7, 2025, at 8:27 AM UTC
Root cause: A recent change caused a misconfiguration, which led to the Microsoft 365 Group SecurityEnabled being changed to false as default, resulting in impact.
Next update by: Monday, November 3, 2025, at 3:30 PM UTC
- 2025-10-24 10:12
Title: Some admins or users may be unable to access multiple Microsoft 365 servicesUser impact: Admins or users may be unable to access multiple Microsoft 365 services.
More info: This specifically impacts Microsoft 365 services that have the SecurityEnabled property changed to False by the Group Configuration Processor.
Current status: We’ve developed a potential fix to update SecurityEnabled from False to True for the remaining affected groups. The fix is currently undergoing internal validation to ensure it fully mitigates the issue before deployment to the affected environments.
Scope of impact: Any admin or users attempting to access any Microsoft 365 services with the Microsoft 365 Group SecurityEnabled set to false may be impacted.
Start time: Tuesday, October 7, 2025, at 8:27 AM UTC
Root cause: A recent change caused a misconfiguration, which led to the Microsoft 365 Group SecurityEnabled being changed to false as default, resulting in impact.
Next update by: Monday, October 27, 2025, at 3:30 PM UTC
- 2025-10-23 05:42
Title: Some admins or users may be unable to access multiple Microsoft 365 servicesUser impact: Admins or users may be unable to access multiple Microsoft 365 services.
More info: This specifically impacts Microsoft 365 services that have the SecurityEnabled property changed to False by the Group Configuration Processor.
Current status: We’re continuing to explore options for updating the SecurityEnabled to True from False for the remaining affected groups. Additionally, our ongoing monitoring indicates that new properties are unaffected.
Scope of impact: Any admin or users attempting to access any Microsoft 365 services with the Microsoft 365 Group SecurityEnabled set to false may be impacted.
Start time: Tuesday, October 7, 2025, at 8:27 AM UTC
Root cause: A recent change caused a misconfiguration, which led to the Microsoft 365 Group SecurityEnabled being changed to false as default, resulting in impact.
Next update by: Friday, October 24, 2025, at 10:30 AM UTC
- 2025-10-22 05:58
Title: Some admins or users may be unable to access multiple Microsoft 365 servicesUser impact: Admins or users may be unable to access multiple Microsoft 365 services.
More info: This specifically impacts Microsoft 365 services that have the SecurityEnabled property changed to False by the Group Configuration Processor.
Current status: We’ve received confirmation that reverting the offending change which caused to the Group SecurityEnabled property to change to False as default completed, and new properties are no longer being set to False by default. Additionally, we’re exploring options on how to update the SecurityEnabled to True from False for the remaining affected groups to ensure the underlying issue is fully resolved.
Scope of impact: Any admin or users attempting to access any Microsoft 365 services with the Microsoft 365 Group SecurityEnabled set to false may be impacted.
Root cause: A recent change caused a misconfiguration, which led to the Microsoft 365 Group SecurityEnabled being changed to false as default, resulting in impact.
Next update by: Thursday, October 23, 2025, at 7:00 AM UTC
- 2025-10-21 13:52
Title: Admins or users may be unable to access multiple Microsoft 365 servicesUser impact: Admins or users may be unable to access multiple Microsoft 365 services.
More info: This specifically impacts Microsoft 365 services that have the Microsoft 365 Group SecurityEnabled changed to false.
Current status: We’ve identified that a recent change caused a misconfiguration, which led to the Microsoft 365 Group SecurityEnabled being changed to false as default, resulting in impact. We’ve reverted the aforementioned change, and we’re working with affected users to verify that impact has been fully resolved.
Scope of impact: Your organization is affected by this event, and any admin or users attempting to access any Microsoft 365 services with Microsoft 365 Group SecurityEnabled set to false is impacted.
Root cause: A recent change caused a misconfiguration, which led to the Microsoft 365 Group SecurityEnabled being changed to false as default, resulting in impact.
Next update by: Wednesday, October 22, 2025, at 7:00 AM UTC
