Security vendor Venafi warned that outages of this nature are likely to become more common as digital transformation accelerates, thus heightening the importance of key rotation.
![office 365 outage office 365 outage](https://servicesdown.ca/img/office-365-logo.png)
This exposed a bug where the automation incorrectly ignored that “retain” state, leading it to remove that particular key.Īzure Admin Portal, Teams, Exchange, Azure KeyVault, SharePoint, and Storage were all effected to a lesser or greater extent by the problem. Over the last few weeks, a particular key was marked as “retain” for longer than normal to support a complex cross-cloud migration. As part of standard security hygiene, an automated system on a time-based schedule removes keys that are no longer in use. The preliminary analysis of this incident shows that an error occurred in the rotation of keys used to support Azure AD’s use of OpenID and other identity standard protocols for cryptographic signing operations. This caused particular problems because the key was needed to manage a migration project, as the company explained: In a status update, Microsoft explained that the authentication problems arose because a key marked for retention had erroneously been deleted by the system. Problems in the periodic rotation of cryptographic keys caused authentication checks to fail for any application that relied on Azure Active Directory, causing problems that persisted overnight until engineers were able to apply a fix. The outage – which took down Teams, Exchange Online, and other 365 services – kicked in at around 19:00 UTC on Monday and was only resolved more than 14 hours later, at around 09:25 on Tuesday.
![office 365 outage office 365 outage](https://s3.amazonaws.com/media.mediapost.com/dam/cropped/2018/08/17/microsoftoffice365_zeD7YVi.jpg)
Microsoft has blamed a key rotation issue for a large-scale 365 outage that affected many of its services on Monday and Tuesday.
#OFFICE 365 OUTAGE OFFLINE#
Teams, Exchange Online, and other services were knocked offline for more than 14 hours