Read Time:109 Minute, 33 Second

Microsoft が提供する Microsoft 365 のサービス正常性（MO414814）にて、一部のユーザーで、Microsoft 365 のデスクトップクライアントにサインインが行えずにエラーが返されることがある SI（サービスインシデント）が発生していました。

本事象は、ブラウザーおよびモバイルアプリケーションの Microsoft 365 サービスでは影響の受けない問題になります。

なお、この問題の影響を受けるデバイスは、Windows のみに限定され、ユーザーには、Microsoft 365 デスクトップクライアントのウィンドウが突然閉じたり、エラーメッセージやポップアップが表示されずに開かなかったりすることがあります。

また、一部ユーザーでは、”パスワードが必要です”、または “アカウントに問題があります” と表示されることもあります。

なお、影響を受けているユーザーは、資格情報プロンプトによるサインインを試したり、アプリケーションの再起動、デバイスの再起動を行っても影響を受けるデスクトップクライアントでサインインが行えなくなります。

影響を受けるデスクトップクライアントは以下になります。

・Microsoft Teams
・Microsoft Outlook
・OneDrive for Business
・Microsoft Excel
・Microsoft PowerPoint
・Microsoft Word
・Microsoft OneNote

この問題は、デスクトップクライアントの認証を容易にする Web アカウントマネージャープラグインが意図しない要因により、影響を受けるユーザーのデバイス上からアンインストールされたために発生した問題になります。

なお、上記影響を受けている環境では、Azure Active Directory（AAD）に接続された Windows のデバイスに対して、ネットワーク上で実行するように設定することのできるリモートスキャンツールである Tenable / Nessus プラグインを実行しています。

しかしながら、このリモートスキャナーを経由して実行することができるツールの Tenable / Nessus プラグインが各エンドポイントに存在しないか、確認できないことにより発生している可能性があります。

さらに、エンドユーザーや管理者は組織が脆弱性管理のために Teneable を利用していることに気づいていない可能性もあります。

この問題の影響を自分の組織が影響を受けたユーザーがいる場合、組織内の IT 部門に連絡し、Tenable が利用されているか同課の確認を行ってください。

組織内で影響を受ける Tenable プラグインをユーザーの環境で利用していないことが確認できた場合、この問題の影響を受けることはありません。

この問題は、組織内のサポートエスカレーションに従って関係のある問題であるかを含めて確認することをオススメします。

なお、現在は、Windows Troubleshooter の修正で影響を受ける環境での緩和を確認しており、Windows Troubleshooter を有効にしている組織では自動的に修正を展開されます。

しかしながら、グループポリシーまたは、Microsoft Endpoint Manager（MDM）経由で Windows Troubleshooter を無効にしている組織では、自動的に修正の展開が行われないため、以下に記載されている手順に従って問題の解決を行ってください。

この問題の修正について、Tenable / Nessus（サードパーティープロバイダー）が Microsoft のエンジニアリングチームと共同で詳細な情報とユーザー向けのガイダンスを公開しています。

下記記事の内容を確認の上、本事象による影響の軽減を行ってください。

https://community.tenable.com/s/article/Plugin-Updates-to-Address-Windows-Scan-Targets-being-left-unable-to-connect-to-Azure-Active-Directory-AAD

さらに、Microsoft では、影響を受けるユーザーに対して大規模またはデバイスごとに本事象を解決するためにユーザーが実施できる追加のガイダンスの詳細を捕捉記事として公開しています。

https://docs.microsoft.com/en-us/microsoft-365/troubleshoot/authentication/unable-sign-in-m365-desktop-apps

この問題の影響を受ける組織のユーザーに与えた影響やいくつかのシナリオでは現在も一部のユーザーで影響を与えていることを確認しているいため、本事象の問題を解決できないユーザーは、Microsoft のサポートへ連絡を行うことをオススメします。

5 営業日以内に PIR（Post – Incident Report）を公開します。

・2:28 AM – After analyzing preliminary diagnostics, we were unable to isolate a root cause. We started investigating the authentication layer and suspected that a WAM token was not working as expected.
・4:03 AM – We determined that the AADBroker plugin may have been unregistered, preventing AAD users from receiving tokens.
We developed a PowerShell command which provided interim relief to some customers who had reported the issue.
We continued to focus on understanding why the plugin became unregistered.
・6:14 AM – We continued to investigate why the plugin was in an unregistered state.
This included reviewing recent authentication layer changes and analyzing Application Package Deployment (Apex) debug logs from some impacted devices.
We identified that a re-registration of the AADBroker plugin was triggered on affected devices, however, the re-registration failed.
At this time, we did not know why either the re-registration was triggered or why it failed.
・6:19 AM – We confirmed that there had not been any recent Windows updates to the AADBroker plugin service.
・5:29 PM – Our focus was on third-party apps, including anti-virus software which scan file systems and could be contributing to impact.
As many customer environments are different, we worked with the reporting customers to find out what Windows version and build they were running, what anti-virus software they were running (along with updates and version numbers), and what security software they were running.
・6:58 PM – Engineering resources joined a conference call with some impacted users to further debug and collect additional data.
・8:00 PM – We received feedback that the PowerShell script was not providing the expected relief for several reporting customers.
We updated the script to address the reported issues and worked to update our communication providing the new script.
・2:20 AM – We isolated log errors and determined that rerouting ECS traffic to alternate components would provide relief.
・10:18 PM – After a collaboration call with some impacted users, we started to analyze the gathered diagnostic data.
As there was a large amount of data to analyze, this was expected to take an extended period of time to complete.

Thursday, August 18

・2:00 AM – We started to determine the specific filtering needed during the collection of a Process Monitor (ProcMon) log to target the app data in the Microsoft.AAD.BrokerPlugin section of the folder.
This could be used to identify why the AADBroker plugin tried to re-register.
However, the problem is that we needed the logging enabled for when a device entered the unhealthy state, which could be at any time and made it difficult to capture the specific moment needed.
・4:33 AM – We gave support resources with the ProcMon gathering steps to provide to impacted customers.
・4:19 PM – We narrowed down the logic flow of failure and identified a ‘Sharing Violation’ error was occurring when the App model was trying to load the AADBroker Plugin setting.
This highlighted that another application or service was holding and locked the access.
With how the App model logic works, when it is unable to load the setting properly, it tries a best effort to repair.
In this case, this involved an unregister and re-register of the AADBroker plugin.
The unregister action processed correctly, however, the re-register failed as the lock was still occurring.
・5:08 PM – We continued to review commonalities in applications used, Windows versions and builds, security software used at organizational levels and Anti-Virus (both Microsoft-managed and third-party) services on impacted devices.
・6:15 PM – We performed additional checks and confirmed that the August 2022 ‘Patch Tuesday’ Windows update did not contribute to impact.
・8:08 PM – After reviewing Microsoft Defender logs from several impacted devices, we ruled out Microsoft Defender as a cause of impact, because it did not attempt to open or process this specific app data file.
・8:14 PM – We started to receive additional data, notably further ProcMon logging, which helped us to isolate which service element or third-party app could be causing unsuccessful user log-ins.
・8:20 PM – We tried to create a local reproduction of the attempted recovery process of unregistering and re-registering the AADBroker Plugin, to try and identify what is causing the locking.
・10:17 PM – We focused into three work streams to streamline the investigation :
1. We attempted to create a consistent reproduction of the issue during the triggering of the recovery actions.
We could then begin testing potential fix options.
2. We worked to gather dumps from CryptSvc, which would provide greater insight into registry entries and the authentication layer.
3. We asked support resources to capture data from active reproductions before applying mitigations.
・11:55 PM – We were able to create a consistent reproduction of the issue in a test environment and started to test potential fixes.

Friday, August 19

・4:00 AM – We’ve identified a possible root cause for the service repair action failing which would lead to the Microsoft.AAD.BrokerPlugin being removed from affected devices.
We begin testing internally and correlating with reporting customers to gather supporting evidence.
・4:24 AM – We identify a potential issue with the logic in the CryptSvcs that may be causing the service to stall while processing.
We perform a more thorough analysis to determine if this is a contributing factor.
・5:19 AM – We determine the potential source of the CryptSvcs issue and begin working on a potential mitigation.
Concurrently, we begin collecting additional log data from users while reproducing the issue.
・9:20 AM – We start building a Windows Troubleshooter fix as a more expedited mitigation option versus the aforementioned fix.
・4:16 PM – We complete the initial build for the Windows Troubleshooter fix and begin testing.
・4:44 PM – We perform an analysis on logs collected from affected users.
We also implement a change to gather further detailed diagnostics within the Diagnostics Tracker (DiagTrack) service, which gathers Windows device diagnostics.
・7:55 PM – Our initial testing for the Windows Troubleshooter fix has been completed and we begin investigating the most appropriate delivery method to target affected devices.
・8:26 PM – We enable enhanced Process Monitoring to run a portion of devices as part of our effort to determine if any additional factors could be contributing to the issue.
・10:12 PM – We complete more robust testing of the fix and validate internally that the changes are working as expected.
・10:54 PM – We continue our testing of the fix, which is intended to address devices currently in a degraded state.
In parallel, we review workstreams developed to prevent new users from entering a state where this issue can occur.
・11:45 PM – We complete our internal validation of the fix and begin working with some of the affected customers to determine if it remediates impact.

Saturday, August 20

・4:23 AM – We identify some potential issues with Tanium during our review of the collected logs.
We focus on the behavior and work to identify any code patterns that would help narrow the investigation.
・6:22 AM – We begin applying the Troubleshooter fix with one of the affected customers.
・2:52 PM – We complete our application of the fix and being monitoring to confirm it mitigates impact for the affected customer.
・4:10 PM – We receive detailed process monitoring and diagnostic data from another customer.
Our preliminary investigation isolates errors from multiple third-party plug-ins, which are being investigated.
・9:25 PM – We start contacting customers using one of those plug-ins, Tanium, to collect additional logs.
・10:02 PM – We complete our fix testing with the affected customer and identify additional requirements to include that will further improve the repair steps.
We begin working to implement these updates and perform additional testing.

Sunday, August 21

・4:58 AM – We complete our updates to the fix and begin additional testing with the affected customer, which is expected to require approximately 12 hours to complete.
・5:14 PM – We review release notes and changes across third-party plug-ins.
・6:41 PM – Our testing of the fix with the affected customer was not successful and we analyze log data to determine why the failure occurred.
・11:30 PM – We receive a detailed crash dump from a customer who has the third-party Tenable.
Due to the size of the file, it’s expected parsing the data will take several hours to complete.

Monday, August 22

・1:54 AM – We’re engaged directly with some third-party vendors including Tenable, who are testing different configurations and settings.
・3:21 AM – We receive feedback from Tenable who was able to narrow down two new plug-ins that were recently added that could be the source of the issue.
We work to reproduce and test this within an internal environment.
・4:14 AM – We begin disabling and testing the behavior when specific plug-ins are disabled.
・6:52 AM – We completed several tests and see failures indicating that this is likely due to a plug-in configuration.
・11:15 AM – We see positive results from our ongoing testing of the Troubleshooter fix.
In parallel, we begin working with additional customers using the affected plug-ins to validate the problem.
・2:15 PM – We receive notice from Tenable that they are working on a fix to address a plug-in issue within the Tenable/Nessus Vulnerability Assessment Tool.
・4:29 PM – We determine that the remote Server Message Block (SMB) scans seem to be triggering the issue when configured to run remotely on the network.
We continue to test our fix, while collaborating with Tenable on their solution.
・7:06 PM – Via telemetry we identified a subset of customers who will need to perform a specific set of actions to mitigate impact.
This was communicated directly to those customers in a new Service Health Dashboard (SHD) post under MO417675.
・7:30 PM – We receive a public article published by Tenable providing additional information associated with the issue : https://community.tenable.com/s/article/Plugin-Updates-to-Address-Windows-Scan-Targets-being-left-unable-to-connect-to-Azure-Active-Directory-AAD
・9:01 PM – We receive reports from Tenable that they are currently rolling out a fix for broad adoption.
We provide the published article as guidance for customers to manually resolve the issue.

Tuesday, August 23

・2:35 AM – We monitor the progress of the deployment while confirming with affected customers that they are seeing recovery.
・7:41 PM – Our monitoring indicates that the impact is trending down.
We continue our focus on the Troubleshooter for this issue.
・11:50 PM – We confirm that Tenable completed their release of the updated patch.
Additionally, we complete our testing of the Windows Troubleshooter fix and begin the deployment process.

Wednesday, August 24

・4:56 PM – Our monitoring continues to show a reduction in failures and customer reports indicate that users are seeing positive results.

Thursday, August 25

・5:15 PM – The Tenable patch has been mostly adopted and our monitoring continues to indicate positive trends in recovery.
In addition, we publish additional guidance under : https://docs.microsoft.com/en-us/microsoft-365/troubleshoot/authentication/unable-sign-in-m365-desktop-apps

Friday, August 26

・12:25 AM – Our deployment of the Troubleshooter fix has reached the majority of affected environments.
When executed, users can use Windows Troubleshooter to resolve the issue.
Additional guidance is provided under https://support.microsoft.com/en-us/windows/access-work-or-school-troubleshooter-for-restoring-access-to-m365-desktop-applications-aae546b0-ee55-49a9-9784-9fa46d8c15cf

August 27 – 31

We continue monitoring the effectiveness of the patch released by Tenable as well as our Troubleshooter fix.

September 1 – 2

We confirm that the Troubleshooter fix has saturated across all affected environments.
We publish additional guidance for customers that have disabled Windows Troubleshooter via Group policy or Microsoft Endpoint Manager (MDM).

Next Steps

Findings

Action

Completion Date

We identified that in rare cases a third-party scanner can block specific systems files and prevent users from signing in.

Add resiliency to the AAD plugin within the next servicing release for Windows.
This resiliency will repair in-box plugins on subsequent logons, and activations.

The fix will be available for customers to self-deploy by the third week of September 2022.
Further, this will be added to our deployment as part of the October 2022, Patch Tuesday release.

We identified that impact was the result of a recent change made by a Third-party.

Engaged with Tenable engineering to prevent future recurrence.

Complete

In reviewing customer feedback, we determined that the instructions we provided were not easily followed at scale by all impacted customers.

In reviewing customer feedback, we determined that the instructions we provided were not easily followed at scale by all impacted customers.
We’re evaluating the best method of providing customer side guidance that is functionable at scale.

Q1CY 2023

Microsoft Store をチェックするなら、このボタンをタップ

September 3, 2022 6:52 AM – Service restored

・Title : Some users may be unable to sign into Microsoft 365 desktop applications and encounter errors
・User Impact : Users may have been unable to sign into Microsoft 365 desktop applications and encounter errors.
・More info : Microsoft 365 applications on the web and mobile apps were unaffected by this issue.
This issue only affected Windows devices.
Users on an affected Windows device saw a Microsoft 365 desktop application window either close abruptly or never open with no error message or pop-up displayed to the user.
In other scenarios some users saw ‘Need Password’ or ‘There is a problem with your account’ due to this issue.
Impacted users were unable to connect to the affected desktop app even after attempting to login via the credential prompt, performing an app restart, or a device restart.
・Affected desktop client applications on Windows devices include the following :
– Microsoft Teams
– Microsoft Outlook
– OneDrive for Business
– Microsoft Excel
– Microsoft PowerPoint
– Microsoft Word
– Microsoft OneNote
Tenable/Nessus (a third-party provider) has published more information and customer guidance in partnership with our engineering teams on a fix for this issue.
Please follow the instructions in this article to mitigate the impact caused by this incident :
https://community.tenable.com/s/article/Plugin-Updates-to-Address-Windows-Scan-Targets-being-left-unable-to-connect-to-Azure-Active-Directory-AAD
Microsoft has published a supplementary article detailing additional guidance that users may implement to resolve the issue for their affected users at scale or on a device-by-device basis :
https://docs.microsoft.com/en-us/microsoft-365/troubleshoot/authentication/unable-sign-in-m365-desktop-apps
In our investigation into this issue, impacted customers have been running the Tenable/Nessus plugin identified in the article.
Tenable is a remote scanning tool that can be configured to run on your network for devices with Windows machines connected to Azure Active Directory (AAD).
The Tenable/Nessus plugin identified in the article can be run via this remote scanner and may not be present or discoverable on each endpoint.
Therefore, end users and admins may be unaware that their organization is leveraging Tenable for vulnerability management.
If you think your organization has affected users, please contact your enterprise IT department to determine whether Tenable is in use.
If, after investigating, your organization has confirmed that they are not using the affected Tenable plugin in your environment, then you are not impacted by this event.
We recommend your organization follow existing support escalation paths to address those concerns as an unrelated issue.
・Final status : The Windows Troubleshooter fix has saturated across the affected environments, and organizations that have Windows Troubleshooter enabled are receiving the fix automatically.
Organizations that have disabled Windows Troubleshooter either by Group policy or via Microsoft Endpoint Manager (MDM) will not receive the solution automatically and can resolve the issue by following the steps outlined in the “More info” section of this message.
We understand the impact this issue has had on users in affected organizations and, in some scenarios, continues to have on some users.
We encourage those users and admins for whom the remediation steps described above are not viable to reach out to Microsoft support for further assistance.
・Scope of impact : The issue potentially impacted users who were attempting to sign into Microsoft 365 desktop applications and had the affected Tenable plugin running.
・Root cause : A web account manager plugin that facilitates desktop application authentication becomes uninstalled on the affected user devices as an unintended side-effect, as described in the Tenable article linked above.
We’ll publish a post-incident report within five business days.

September 1, 2022 7:01 AM – Service restored

・Title : Some users may be unable to sign into Microsoft 365 desktop applications and encounter errors
・User Impact : Users may be unable to sign into Microsoft 365 desktop applications and encounter errors.
・More info : Microsoft 365 applications on the web and mobile apps are unaffected by this issue.
This issue only affects Windows devices.
Users on an affected Windows device may see a Microsoft 365 desktop application window either close abruptly or never open with no error message or pop-up displayed to the user.
In other scenarios some users will see ‘Need Password’ or ‘There is a problem with your account’ due to the issue.
Impacted users are unable to connect to the affected desktop app even after attempting to login via the credential prompt, performing an app restart, or a device restart.
・Affected desktop client applications on Windows devices include the following :
– Microsoft Teams
– Microsoft Outlook
– OneDrive for Business
– Microsoft Excel
– Microsoft PowerPoint
– Microsoft Word
– Microsoft OneNote
Tenable/Nessus (a third-party provider) has published more information and customer guidance in partnership with our engineering teams on a fix for this issue.
Please follow the instructions in this article to mitigate the impact caused by this incident :
https://community.tenable.com/s/article/Plugin-Updates-to-Address-Windows-Scan-Targets-being-left-unable-to-connect-to-Azure-Active-Directory-AAD
Microsoft has published a supplementary article detailing additional guidance that users may implement to resolve the issue for their affected users at scale or on a device-by-device basis :
https://docs.microsoft.com/en-us/microsoft-365/troubleshoot/authentication/unable-sign-in-m365-desktop-apps
In our investigation into this issue, impacted customers have been running the Tenable/Nessus plugin identified in the article.
Tenable is a remote scanning tool that can be configured to run on your network for devices with Windows machines connected to Azure Active Directory (AAD).
The Tenable/Nessus plugin identified in the article can be run via this remote scanner and may not be present or discoverable on each endpoint.
Therefore, end users and admins may be unaware that their organization is leveraging Tenable for vulnerability management.
If you think your organization has affected users, please contact your enterprise IT department to determine whether Tenable is in use.
If, after investigating, your organization has confirmed that they are not using the affected Tenable plugin in your environment, then you are not impacted by this event.
We recommend your organization follow existing support escalation paths, to address those concerns as an unrelated issue.
・Current Status : The Windows Troubleshooter fix is continuing to roll out to affected devices identified during our investigation.
Organizations that have Windows Troubleshooter enabled will receive the fix automatically as devices receive the fix.
However, if your organization has disabled Windows Troubleshooter either by Group Policy or via Microsoft Endpoint Manager (MDM), the Windows Troubleshooter fix will not mitigate this issue.
Impacted organizations can also achieve resolution by following the detailed steps provided in the More info section.
We understand the impact this incident has had on users in affected organizations, and the urgency in resolving this issue.
・Scope of impact : The issue may potentially impact users who are attempting to sign into Microsoft 365 desktop applications and have the affected Tenable plugin running.
・Root cause : A web account manager plugin that facilitates desktop application authentication becomes uninstalled on the affected user devices as an unintended side-effect as described in the Tenable article.
・Next update by : Saturday, September 3, 2022, 3:00 PM (6:00 AM UTC)

September 3, 2022 6:52 AM – Service restored

・Title : Some users may be unable to sign into Microsoft 365 desktop applications and encounter errors
・User Impact : Users may have been unable to sign into Microsoft 365 desktop applications and encounter errors.
・More info : Microsoft 365 applications on the web and mobile apps were unaffected by this issue.
This issue only affected Windows devices.
Users on an affected Windows device saw a Microsoft 365 desktop application window either close abruptly or never open with no error message or pop-up displayed to the user.
In other scenarios some users saw ‘Need Password’ or ‘There is a problem with your account’ due to this issue.
Impacted users were unable to connect to the affected desktop app even after attempting to login via the credential prompt, performing an app restart, or a device restart.
・Affected desktop client applications on Windows devices include the following :
– Microsoft Teams
– Microsoft Outlook
– OneDrive for Business
– Microsoft Excel
– Microsoft PowerPoint
– Microsoft Word
– Microsoft OneNote
Tenable/Nessus (a third-party provider) has published more information and customer guidance in partnership with our engineering teams on a fix for this issue.
Please follow the instructions in this article to mitigate the impact caused by this incident :
https://community.tenable.com/s/article/Plugin-Updates-to-Address-Windows-Scan-Targets-being-left-unable-to-connect-to-Azure-Active-Directory-AAD
Microsoft has published a supplementary article detailing additional guidance that users may implement to resolve the issue for their affected users at scale or on a device-by-device basis :
https://docs.microsoft.com/en-us/microsoft-365/troubleshoot/authentication/unable-sign-in-m365-desktop-apps
In our investigation into this issue, impacted customers have been running the Tenable/Nessus plugin identified in the article.
Tenable is a remote scanning tool that can be configured to run on your network for devices with Windows machines connected to Azure Active Directory (AAD).
The Tenable/Nessus plugin identified in the article can be run via this remote scanner and may not be present or discoverable on each endpoint.
Therefore, end users and admins may be unaware that their organization is leveraging Tenable for vulnerability management.
If you think your organization has affected users, please contact your enterprise IT department to determine whether Tenable is in use.
If, after investigating, your organization has confirmed that they are not using the affected Tenable plugin in your environment, then you are not impacted by this event.
We recommend your organization follow existing support escalation paths to address those concerns as an unrelated issue.
・Final status : The Windows Troubleshooter fix has saturated across the affected environments, and organizations that have Windows Troubleshooter enabled are receiving the fix automatically.
Organizations that have disabled Windows Troubleshooter either by Group policy or via Microsoft Endpoint Manager (MDM) will not receive the solution automatically and can resolve the issue by following the steps outlined in the “More info” section of this message.
We understand the impact this issue has had on users in affected organizations and, in some scenarios, continues to have on some users.
We encourage those users and admins for whom the remediation steps described above are not viable to reach out to Microsoft support for further assistance.
・Scope of impact : The issue potentially impacted users who were attempting to sign into Microsoft 365 desktop applications and had the affected Tenable plugin running.
・Root cause : A web account manager plugin that facilitates desktop application authentication becomes uninstalled on the affected user devices as an unintended side-effect, as described in the Tenable article linked above.
We’ll publish a post-incident report within five business days.

August 30, 2022 6:26 AM – Service restored

・Title : Some users may be unable to sign into Microsoft 365 desktop applications and encounter errors
・User Impact : Users may be unable to sign into Microsoft 365 desktop applications and encounter errors.
・More info : Microsoft 365 applications on the web and mobile apps are unaffected by this issue.
Users on an affected Windows device may see a Microsoft 365 desktop application window either close abruptly or never open with no error message or pop-up displayed to the user.
In other scenarios some users will see ‘Need Password’ or ‘There is a problem with your account’ due to the issue.
Impacted users are unable to connect to the affected desktop app even after attempting to login via the credential prompt, performing an app restart, or a device restart.
・Affected desktop client applications on Windows devices include the following :
– Microsoft Teams
– Microsoft Outlook
– OneDrive for Business
– Microsoft Excel
– Microsoft PowerPoint
– Microsoft Word
– Microsoft OneNote
Tenable/Nessus (a third-party provider) has published more information and customer guidance in partnership with our engineering teams on a fix for this issue.
Please follow the instructions in this article to mitigate the impact caused by this incident :
https://community.tenable.com/s/article/Plugin-Updates-to-Address-Windows-Scan-Targets-being-left-unable-to-connect-to-Azure-Active-Directory-AAD
Microsoft has published a supplementary article detailing additional guidance that users may implement to resolve the issue for their affected users at scale or on a device-by-device basis :
https://docs.microsoft.com/en-us/microsoft-365/troubleshoot/authentication/unable-sign-in-m365-desktop-apps
Some affected customers have reported they are not running Tenable.
However, in our investigation into this issue, impacted customers have been running the Tenable/Nessus plugin identified in the article.
Tenable is a remote scanning tool that can be configured to run on your network for devices with Windows machines connected to Azure Active Directory (AAD).
The Tenable plugin may not be present or discoverable on each endpoint. Please contact your enterprise IT department to determine whether Tenable is in use.
・Current Status : We’re broadening the scope of devices being targeted by the Windows Troubleshooter fix based on our investigation.
If your organization has Windows Troubleshooter enabled, the remediation will be implemented automatically as affected devices receive the fix.
However, this fix will not apply if your organization has disabled Windows Troubleshooter either by Group Policy or via Microsoft Endpoint Manager (MDM).
Organizations which have disabled Windows Troubleshooter in their environment can achieve resolution by following the detailed steps provided in the More info section.
・Scope of impact : The issue may potentially impact users who are attempting to sign into Microsoft 365 desktop applications and have the affected plugin running.
・Root cause : A web account manager plugin that facilitates desktop application authentication becomes uninstalled on the affected user devices as an unintended side-effect as described in the Tenable article.
・Next update by : Thursday, September 1, 2022, 2:00 PM (5:00 AM UTC)

August 26, 2022 3:58 AM – Service restored

・Title : Some users may be unable to sign into Microsoft 365 desktop applications and encounter errors
・User Impact : Users may be unable to sign into Microsoft 365 desktop applications and encounter errors.
Users on an affected device may see a Microsoft 365 desktop application window either close abruptly or never open with no error message or pop-up displayed to the user.
In other scenarios some users will see ‘Need Password’ or ‘There is a problem with your account’ due to the issue.
Impacted users are unable to connect to the affected desktop app even after attempting to login via the credential prompt, performing an app restart, or a device restart.
・Affected desktop applications include the following :
– Microsoft Teams desktop app
– Microsoft Outlook desktop app
– OneDrive for Business desktop app
– Microsoft Excel desktop app
– Microsoft PowerPoint desktop app
– Microsoft Word desktop app
– Microsoft OneNote desktop app
Some affected customers have reported they are not running Tenable.
However, in our investigation into this issue, impacted customers have been running the Tenable/Nessus plugin identified in the article.
Tenable is a remote scanning tool that can be configured to run on your network for devices with Windows machines connected to Azure Active Directory (AAD).
The Tenable plugin may not be present or discoverable on each endpoint.
Please contact your enterprise IT department to determine whether Tenable is in use.
Tenable/Nessus (a third-party provider) has published guidance in partnership with our engineering teams on a fix for this issue.
The details of which are published in the Tenable knowledge base article below.
Please follow the instructions in this article to mitigate the impact caused by this incident :
https://community.tenable.com/s/article/Plugin-Updates-to-Address-Windows-Scan-Targets-being-left-unable-to-connect-to-Azure-Active-Directory-AAD
We have published a supplementary article detailing additional guidance that users may implement to resolve the issue for their affected users at scale or on a device-by-device basis :
https://docs.microsoft.com/en-us/microsoft-365/troubleshoot/authentication/unable-sign-in-m365-desktop-apps
・Current status : The Windows Troubleshooter has reached all known affected devices and our initial telemetry shows that this is successful in mitigating the issue for users in tandem with both the primary Tenable/Nessus guidance and supplementary steps provided within our own documentation.
We will continue monitoring the effectiveness of these steps as the number of affected devices decreases within the environment.
・Scope of impact : The issue may potentially impact users who are attempting to sign into Microsoft 365 desktop applications and have the affected plugin running.
・Root cause : Our root cause investigation has concluded.
A web account manager plugin that facilitates desktop application authentication becomes uninstalled on the affected user devices as an unintended side-effect as described in the Tenable article.
・Next update by : We will update the communication pending additional information by either Tenable or Microsoft.

August 24, 2022 2:28 AM – Service restored

・Title : Some users may be unable to sign into Microsoft 365 desktop applications and encounter errors
・User Impact : Users may be unable to sign into Microsoft 365 desktop applications and encounter errors.
・More info : Microsoft 365 applications on the web and mobile apps are unaffected by this issue.
Users on an affected device may see a Microsoft 365 desktop application window either closed abruptly or never opened with no error message or pop-up displayed to the user.
In other scenarios some users will see ‘Need Password’ or ‘There is a problem with your account’ due to the issue.
Impacted users would be unable to connect to the affected desktop app even after attempting to login via the credential prompt, performing an app restart, or a device restart.
・Affected desktop applications include the following :
– Microsoft Teams desktop app
– Microsoft Outlook desktop app
– OneDrive for Business desktop app
– Microsoft Excel desktop app
– Microsoft PowerPoint desktop app
– Microsoft Word desktop app
– Microsoft OneNote desktop app
We’re providing new information in this notification for affected customers regarding the fix.
The additional communication with mitigation steps under post MO417675 has the same information. Prior workaround steps may no longer apply.
・Current status : The third-party provider (Tenable/Nessus) has published guidance in partnership with our engineering teams on a fix for this issue.
The details of which are published in the Tenable knowledge base article below. Please follow the instructions in this article to mitigate the impact caused by this incident :
https://community.tenable.com/s/article/Plugin-Updates-to-Address-Windows-Scan-Targets-being-left-unable-to-connect-to-Azure-Active-Directory-AAD
Some customers have reported they were not running the Tenable plugin.
However, in our investigation into this issue, affected customers have been running the Tenable/Nessus plugin identified in the article.
Please reach out to your enterprise IT support to verify.
・Scope of impact : The issue may potentially impact users who are attempting to sign into Microsoft 365 desktop applications and have the affected plugin running.
・Root cause : Our root cause investigation has concluded.
A web account manager plugin that facilitates desktop application authentication becomes uninstalled on the affected user devices as an unintended side-effect as described in the Tenable article.
・Next update by : We will update the communication pending additional information by either Tenable or Microsoft.

August 23, 2022 3:54 PM – Service restored

・Title : Some users may be unable to sign into Microsoft 365 desktop applications and encounter errors
・User Impact : Users may be unable to sign into Microsoft 365 desktop applications and encounter errors.
・More info : Microsoft 365 applications on the web and mobile apps are unaffected by this issue.
Users on an affected device may see a Microsoft 365 desktop application window either closed abruptly or never opened with no error message or pop-up displayed to the user.
In other scenarios some users will see ‘Need Password’ or ‘There is a problem with your account’ due to the issue.
Impacted users would be unable to connect to the affected desktop app even after attempting to login via the credential prompt, performing an app restart, or a device restart.
・Affected desktop applications include the following :
– Microsoft Teams desktop app
– Microsoft Outlook desktop app
– OneDrive for Business desktop app
– Microsoft Excel desktop app
– Microsoft PowerPoint desktop app
– Microsoft Word desktop app
– Microsoft OneNote desktop app
We’re providing targeted communication with mitigation steps to confirmed affected customers under the post MO417675.
If your organization is affected, please reference the information in that post before performing any temporary mitigation outlined below, as it may no longer apply.
As a potential temporary mitigation, admins can also work with Support to check if the affected plugin is installed, and if it’s not installed, work with Support to run the following “get-appxpackage” PowerShell command in user context :
Get-AppxPackage -Name “Microsoft.AAD.BrokerPlugin”
If the above package is missing nothing will be returned.
To reinstall the package run the below :
Add-AppxPackage -Register “C:\Windows\SystemApps\Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy\Appxmanifest.xml” -DisableDevelopmentMode -ForceApplicationShutdown.
Please note that depending on device access management settings from your organization, the re-install package may need to be run as the logged-on user with elevated admin rights.
To do this, an organization’s IT admin would temporarily add the user to the local administrator group on the device (if appropriate).
This can be done by going to the Local User Management window.
Some customers have reported the temporary mitigation steps may need to be repeated for an affected user after some time.
If your users are still experiencing this issue and do not see the supplementary SHD post under MO417675, please contact mcresponse@microsoft.com and provide your tenant ID.
・Current status : The third-party provider is continuing to deploy the correct and we remain in continual contact with them to gather updates of the deployment.
In parallel, we are confirming with affected customers that the issue is being mitigated.
・Scope of impact : The issue may potentially impact some users who are attempting to sign into Microsoft 365 desktop applications and are served through the affected infrastructure.
・Root cause : A web account manager plugin that facilitates desktop application authentication isn’t installed on the affected user devices.
Our investigation continues to progress into the underlying root cause of the given scenario.
・Next update by : Wednesday, August 24, 2022, 3:00 AM (8/23/2022, 6:00 PM UTC)

August 23, 2022 11:30 AM – Service restored

・Title : Some users may be unable to sign into Microsoft 365 desktop applications and encounter errors
・User Impact : Users may be unable to sign into Microsoft 365 desktop applications and encounter errors.
・More info : Microsoft 365 applications on the web and mobile apps are unaffected by this issue.
Users on an affected device may see a Microsoft 365 desktop application window either closed abruptly or never opened with no error message or pop-up displayed to the user.
In other scenarios some users will see ‘Need Password’ or ‘There is a problem with your account’ due to the issue.
Impacted users would be unable to connect to the affected desktop app even after attempting to login via the credential prompt, performing an app restart, or a device restart.
・Affected desktop applications include the following :
– Microsoft Teams desktop app
– Microsoft Outlook desktop app
– OneDrive for Business desktop app
– Microsoft Excel desktop app
– Microsoft PowerPoint desktop app
– Microsoft Word desktop app
– Microsoft OneNote desktop app
We’re providing targeted communication with mitigation steps to confirmed affected customers under the post MO417675.
If your organization is affected, please reference the information in that post before performing any temporary mitigation outlined below, as it may no longer apply.
As a potential temporary mitigation, admins can also work with Support to check if the affected plugin is installed, and if it’s not installed, work with Support to run the following “get-appxpackage” PowerShell command in user context :
Get-AppxPackage -Name “Microsoft.AAD.BrokerPlugin”
If the above package is missing nothing will be returned.
To reinstall the package run the below :
Add-AppxPackage -Register “C:\Windows\SystemApps\Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy\Appxmanifest.xml” -DisableDevelopmentMode -ForceApplicationShutdown.
Please note that depending on device access management settings from your organization, the re-install package may need to be run as the logged-on user with elevated admin rights.
To do this, an organization’s IT admin would temporarily add the user to the local administrator group on the device (if appropriate).
This can be done by going to the Local User Management window.
Some customers have reported the temporary mitigation steps may need to be repeated for an affected user after some time.
If your users are still experiencing this issue and do not see the supplementary SHD post under MO417675, please contact mcresponse@microsoft.com and provide your tenant ID.
・Current status : The third-party provider has begun deploying the correction.
We’re in contact with the third-party and monitoring the progress of the deployment while confirming with affected customers that they are seeing signs of recovery.
・Scope of impact : The issue may potentially impact some users who are attempting to sign into Microsoft 365 desktop applications and are served through the affected infrastructure.
・Root cause : A web account manager plugin that facilitates desktop application authentication isn’t installed on the affected user devices.
Our investigation continues to progress into the underlying root cause of the given scenario.
・Next update by : Tuesday, August 23, 2022, 8:00 PM (11:00 AM UTC)

August 23, 2022 6:00 AM – Service restored

・Title : Some users may be unable to sign into Microsoft 365 desktop applications and encounter errors
・User Impact : Users may be unable to sign into Microsoft 365 desktop applications and encounter errors.
・More info : Microsoft 365 applications on the web and mobile apps are unaffected by this issue.
Users on an affected device may see a Microsoft 365 desktop application window either closed abruptly or never opened with no error message or pop-up displayed to the user.
In other scenarios some users will see ‘Need Password’ or ‘There is a problem with your account’ due to the issue.
Impacted users would be unable to connect to the affected desktop app even after attempting to login via the credential prompt, performing an app restart, or a device restart.
・Affected desktop applications include the following :
– Microsoft Teams desktop app
– Microsoft Outlook desktop app
– OneDrive for Business desktop app
– Microsoft Excel desktop app
– Microsoft PowerPoint desktop app
– Microsoft Word desktop app
– Microsoft OneNote desktop app
We’re providing targeted communication with mitigation steps to confirmed affected customers under the post MO417675.
If your organization is affected, please reference the information in that post before performing any temporary mitigation outlined below, as it may no longer apply.
As a potential temporary mitigation, admins can also work with Support to check if the affected plugin is installed, and if it’s not installed, work with Support to run the following “get-appxpackage” PowerShell command in user context :
Get-AppxPackage -Name “Microsoft.AAD.BrokerPlugin”
If the above package is missing nothing will be returned.
To reinstall the package run the below :
Add-AppxPackage -Register “C:\Windows\SystemApps\Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy\Appxmanifest.xml” -DisableDevelopmentMode -ForceApplicationShutdown.
Please note that depending on device access management settings from your organization, the re-install package may need to be run as the logged-on user with elevated admin rights.
To do this, an organization’s IT admin would temporarily add the user to the local administrator group on the device (if appropriate).
This can be done by going to the Local User Management window.
Some customers have reported the temporary mitigation steps may need to be repeated for an affected user after some time.
・Current status : We’re continuing our work with the third-party provider to implement a correction that will mitigate the impact for our affected customers, which is communicated under MO417675.
If your users are experiencing this issue and do not see the supplementary SHD post, please contact mcresponse@microsoft.com and provide your tenant ID.
・Scope of impact : The issue may potentially impact some users who are attempting to sign into Microsoft 365 desktop applications and are served through the affected infrastructure.
・Root cause : A web account manager plugin that facilitates desktop application authentication isn’t installed on the affected user devices.
Our investigation continues to progress into the underlying root cause of the given scenario.
・Next update by : Tuesday, August 23, 2022, 12:00 PM (3:00 AM UTC)

August 23, 2022 4:01 AM – Service restored

・Title : Some users may be unable to sign into Microsoft 365 desktop applications and encounter errors
・User Impact : Users may be unable to sign into Microsoft 365 desktop applications and encounter errors.
・More info : Microsoft 365 applications on the web and mobile apps are unaffected by this issue.
Users on an affected device may see a Microsoft 365 desktop application window either closed abruptly or never opened with no error message or pop-up displayed to the user.
In other scenarios some users will see ‘Need Password’ or ‘There is a problem with your account’ due to the issue.
Impacted users would be unable to connect to the affected desktop app even after attempting to login via the credential prompt, performing an app restart, or a device restart.
・Affected desktop applications include the following :
– Microsoft Teams desktop app
– Microsoft Outlook desktop app
– OneDrive for Business desktop app
– Microsoft Excel desktop app
– Microsoft PowerPoint desktop app
– Microsoft Word desktop app
– Microsoft OneNote desktop app
As a potential temporary mitigation, admins can also work with Support to check if the affected plugin is installed, and if it’s not installed, work with Support to run the following “get-appxpackage” PowerShell command in user context :
Get-AppxPackage -Name “Microsoft.AAD.BrokerPlugin”
If the above package is missing nothing will be returned.
To reinstall the package run the below :
Add-AppxPackage -Register “C:\Windows\SystemApps\Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy\Appxmanifest.xml” -DisableDevelopmentMode -ForceApplicationShutdown.
Please note that depending on device access management settings from your organization, the re-install package may need to be run as the logged-on user with elevated admin rights.
To do this, an organization’s IT admin would temporarily add the user to the local administrator group on the device (if appropriate).
This can be done by going to the Local User Management window.
Some customers have reported the temporary mitigation steps may need to be repeated for an affected user after some time.
・Current Status : We identified in partnership with the third-party provider a correction that we believe will resolve the issue.
We’ve identified a list of affected customers and have published a new communication to these customers under MO417675.
If you believe you are having this issue and do not see the additional post, please reach out to mcresponse@microsoft.com and provide your tenant ID.
・Scope of impact : The issue may potentially impact some users who are attempting to sign into Microsoft 365 desktop applications and are served through the affected infrastructure.
・Root cause : A web account manager plugin that facilitates desktop application authentication isn’t installed on the affected user devices.
Our investigation continues to progress into the underlying root cause of the given scenario.
・Next update by : Tuesday, August 23, 2022, 8:00 AM (8/22/2022, 11:00 PM UTC)

August 23, 2022 1:35 AM – Service restored

・Title : Some users may be unable to sign into Microsoft 365 desktop applications and encounter errors
・User Impact : Users may be unable to sign into Microsoft 365 desktop applications and encounter errors.
・More info : Microsoft 365 applications on the web and mobile apps are unaffected by this issue.
Users on an affected device may see a Microsoft 365 desktop application window either closed abruptly or never opened with no error message or pop-up displayed to the user.
In other scenarios some users will see ‘Need Password’ or ‘There is a problem with your account’ due to the issue.
Impacted users would be unable to connect to the affected desktop app even after attempting to login via the credential prompt, performing an app restart, or a device restart.
・Affected desktop applications include the following :
– Microsoft Teams desktop app
– Microsoft Outlook desktop app
– OneDrive for Business desktop app
– Microsoft Excel desktop app
– Microsoft PowerPoint desktop app
– Microsoft Word desktop app
– Microsoft OneNote desktop app
As a potential temporary mitigation, admins can also work with Support to check if the affected plugin is installed, and if it’s not installed, work with Support to run the following “get-appxpackage” PowerShell command in user context :
Get-AppxPackage -Name “Microsoft.AAD.BrokerPlugin”
If the above package is missing nothing will be returned.
To reinstall the package run the below :
Add-AppxPackage -Register “C:\Windows\SystemApps\Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy\Appxmanifest.xml” -DisableDevelopmentMode -ForceApplicationShutdown.
Please note that depending on device access management settings from your organization, the re-install package may need to be run as the logged-on user with elevated admin rights.
To do this, an organization’s IT admin would temporarily add the user to the local administrator group on the device (if appropriate).
This can be done by going to the Local User Management window.
Some customers have reported the temporary mitigation steps may need to be repeated for an affected user after some time.
・Current Status : We’ve made further progress into identifying the potential root cause and have identified that remote Server Message Block (SMB) scans could be contributing to impact.
When configured to run remotely on your network, the SMB scans can trigger the impact scenario.
One specific mitigation strategy relates to a third-party vulnerability assessment solution, who we are collaborating with to troubleshoot the issue and if confirmed, publish a fix.
In addition to the existing temporary workaround outlined in the ‘More Info’ section, we continue to partner with reporting customers on the validity of our new mitigation strategy tests.
In parallel, senior engineering leaders are helping drive each workstream to investigate any pathway for a service-side mitigation, and we’ll provide more information if actionable data becomes available.
・Scope of impact : The issue may potentially impact some users who are attempting to sign into Microsoft 365 desktop applications and are served through the affected infrastructure.
・Root cause : A web account manager plugin that facilitates desktop application authentication isn’t installed on the affected user devices.
Our investigation continues to progress into the underlying root cause of the given scenario.
・Next update by : Tuesday, August 23, 2022, 3:30 AM (8/22/2022, 6:30 PM UTC)

August 22, 2022 8:14 PM – Service restored

・Title : Some users may be unable to sign into Microsoft 365 desktop applications and encounter errors
・User Impact : Users may be unable to sign into Microsoft 365 desktop applications and encounter errors.
・More info : Microsoft 365 applications on the web and mobile apps are unaffected by this issue.
Users on an affected device may see a Microsoft 365 desktop application window either closed abruptly or never opened with no error message or pop-up displayed to the user.
In other scenarios some users will see ‘Need Password’ or ‘There is a problem with your account’ due to the issue.
Impacted users would be unable to connect to the affected desktop app even after attempting to login via the credential prompt, performing an app restart, or a device restart.
・Affected desktop applications include the following :
– Microsoft Teams desktop app
– Microsoft Outlook desktop app
– OneDrive for Business desktop app
– Microsoft Excel desktop app
– Microsoft PowerPoint desktop app
– Microsoft Word desktop app
– Microsoft OneNote desktop app
As a potential temporary mitigation, admins can also work with Support to check if the affected plugin is installed, and if it’s not installed, work with Support to run the following “get-appxpackage” PowerShell command in user context :
Get-AppxPackage -Name “Microsoft.AAD.BrokerPlugin”
If the above package is missing nothing will be returned.
To reinstall the package run the below :
Add-AppxPackage -Register “C:\Windows\SystemApps\Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy\Appxmanifest.xml” -DisableDevelopmentMode -ForceApplicationShutdown.
Please note that depending on device access management settings from your organization, the re-install package may need to be run as the logged-on user with elevated admin rights.
To do this, an organization’s IT admin would temporarily add the user to the local administrator group on the device (if appropriate).
This can be done by going to the Local User Management window.
Some customers have reported the temporary mitigation steps may need to be repeated for an affected user after some time.
・Current Status : We’re monitoring the performance of our additional mitigations in partnership with reporting customers.
Test results have been positive, and we believe we have made significant progress since our last update.
If we determine that the provided workaround with reporting customers continues to be effective, we’ll update this communication with more actionable details regarding those mitigations.
We understand the urgency in resolving this issue and we continue to troubleshoot this incident at the highest priority.
・Scope of impact : The issue may potentially impact some users who are attempting to sign into Microsoft 365 desktop applications and are served through the affected infrastructure.
・Root cause : A web account manager plugin that facilitates desktop application authentication isn’t installed on the affected user devices.
Our investigation continues to progress into the underlying root cause of the given scenario.
・Next update by : Tuesday, August 23, 2022, 1:30 AM (8/22/2022, 4:30 PM UTC)

August 22, 2022 4:30 PM – Service restored

・Title : Some users may be unable to sign into Microsoft 365 desktop applications and encounter errors
・User Impact : Users may be unable to sign into Microsoft 365 desktop applications and encounter errors.
・More info : Microsoft 365 applications on the web and mobile apps are unaffected by this issue.
Users on an affected device may see a Microsoft 365 desktop application window either closed abruptly or never opened with no error message or pop-up displayed to the user.
In other scenarios some users will see ‘Need Password’ or ‘There is a problem with your account’ due to the issue.
Impacted users would be unable to connect to the affected desktop app even after attempting to login via the credential prompt, performing an app restart, or a device restart.
・Affected desktop applications include the following :
– Microsoft Teams desktop app
– Microsoft Outlook desktop app
– OneDrive for Business desktop app
– Microsoft Excel desktop app
– Microsoft PowerPoint desktop app
– Microsoft Word desktop app
– Microsoft OneNote desktop app
As a potential temporary mitigation, admins can also work with Support to check if the affected plugin is installed, and if it’s not installed, work with Support to run the following “get-appxpackage” PowerShell command in user context :
Get-AppxPackage -Name “Microsoft.AAD.BrokerPlugin”
If the above package is missing nothing will be returned.
To reinstall the package run the below :
Add-AppxPackage -Register “C:\Windows\SystemApps\Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy\Appxmanifest.xml” -DisableDevelopmentMode -ForceApplicationShutdown.
Please note that depending on device access management settings from your organization, the re-install package may need to be run as the logged-on user with elevated admin rights.
To do this, an organization’s IT admin would temporarily add the user to the local administrator group on the device (if appropriate).
This can be done by going to the Local User Management window.
Some customers have reported the temporary mitigation steps may need to be repeated for an affected user after some time.
・Current Status : We’ve made significant progress on the various workstreams to help mitigate this issue.
From these efforts we’re now providing several improved temporary mitigation options to reporting customers via support channels.
In parallel, we’re continuing our work to develop effective service side mitigations to address this issue.
As part of this, we have some further validation work underway with customers who are able to reproduce the issue and the potential mitigations.
So far, the test results have been positive, and we believe we have made significant progress since our last update.
This work is being closely tracked by the senior leadership managing this investigation.
We understand the urgency in resolving this issue and are pursuing all available paths.
・Scope of impact : The issue may potentially impact some users who are attempting to sign into Microsoft 365 desktop applications and are served through the affected infrastructure.
・Root cause : A web account manager plugin that facilitates desktop application authentication isn’t installed on the affected user devices.
Our investigation continues to progress into the underlying root cause of the given scenario.
・Next update by : Monday, August 22, 2022, 8:30 PM (11:30 AM UTC)

August 22, 2022 12:29 PM – Service restored

・Title : Some users may be unable to sign into Microsoft 365 desktop applications and encounter errors
・User Impact : Users may be unable to sign into Microsoft 365 desktop applications and encounter errors.
・More info : Microsoft 365 applications on the web and mobile apps are unaffected by this issue.
Users on an affected device may see a Microsoft 365 desktop application window either closed abruptly or never opened with no error message or pop-up displayed to the user.
In other scenarios some users will see ‘Need Password’ or ‘There is a problem with your account’ due to the issue.
Impacted users would be unable to connect to the affected desktop app even after attempting to login via the credential prompt, performing an app restart, or a device restart.
・Affected desktop applications include the following :
– Microsoft Teams desktop app
– Microsoft Outlook desktop app
– OneDrive for Business desktop app
– Microsoft Excel desktop app
– Microsoft PowerPoint desktop app
– Microsoft Word desktop app
– Microsoft OneNote desktop app
As a potential temporary mitigation, admins can also work with Support to check if the affected plugin is installed, and if it’s not installed, work with Support to run the following “get-appxpackage” PowerShell command in user context :
Get-AppxPackage -Name “Microsoft.AAD.BrokerPlugin”
If the above package is missing nothing will be returned.
To reinstall the package run the below :
Add-AppxPackage -Register “C:\Windows\SystemApps\Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy\Appxmanifest.xml” -DisableDevelopmentMode -ForceApplicationShutdown.
Please note that depending on device access management settings from your organization, the re-install package may need to be run as the logged-on user with elevated admin rights.
To do this, an organization’s IT admin would temporarily add the user to the local administrator group on the device (if appropriate).
This can be done by going to the Local User Management window.
Some customers have reported the temporary mitigation steps may need to be repeated for an affected user after some time.
・Current Status : We’re continuing to work across our identified workstreams and will provide more details once actionable data has been finalized.
We are investigating some of the more complex reasons this error could be happening including areas of Windows, authentication, and other Microsoft 365 services.
We’ve received valuable data from some affected customers and are validating this data through various testing and scanning operations.
Engineering teams are syncing regularly to report on the progress of each path, and we may continue to rule certain pathways out and identify new ones.
If we reach an appropriate confidence level to provide more information on a specific workstream, we’ll provide that as we have done with prior workstreams in this issue.
This work is being closely tracked by the senior leadership managing this investigation.
We understand the urgency in resolving this issue and are pursuing all logical paths.
・Scope of impact : The issue may potentially impact some users who are attempting to sign into Microsoft 365 desktop applications and are served through the affected infrastructure.
・Root cause : A web account manager plugin that facilitates desktop application authentication isn’t installed on the affected user devices.
・Next update by : Monday, August 22, 2022, 4:30 PM (7:30 AM UTC)

August 22, 2022 8:29 AM – Service restored

・Title : Some users may be unable to sign into Microsoft 365 desktop applications and encounter errors
・User Impact : Users may be unable to sign into Microsoft 365 desktop applications and encounter errors.
・More info : Microsoft 365 applications on the web and mobile apps are unaffected by this issue.
Users on an affected device may see a Microsoft 365 desktop application window either closed abruptly or never opened with no error message or pop-up displayed to the user.
In other scenarios some users will see ‘Need Password’ or ‘There is a problem with your account’ due to the issue.
Impacted users would be unable to connect to the affected desktop app even after attempting to login via the credential prompt, performing an app restart, or a device restart.
・Affected desktop applications include the following :
– Microsoft Teams desktop app
– Microsoft Outlook desktop app
– OneDrive for Business desktop app
– Microsoft Excel desktop app
– Microsoft PowerPoint desktop app
– Microsoft Word desktop app
– Microsoft OneNote desktop app
As a potential temporary mitigation, admins can also work with Support to check if the affected plugin is installed, and if it’s not installed, work with Support to run the following “get-appxpackage” PowerShell command in user context :
Get-AppxPackage -Name “Microsoft.AAD.BrokerPlugin”
If the above package is missing nothing will be returned.
To reinstall the package run the below :
Add-AppxPackage -Register “C:\Windows\SystemApps\Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy\Appxmanifest.xml” -DisableDevelopmentMode -ForceApplicationShutdown.
Please note that depending on device access management settings from your organization, the re-install package may need to be run as the logged-on user with elevated admin rights.
To do this, an organization’s IT admin would temporarily add the user to the local administrator group on the device (if appropriate).
This can be done by going to the Local User Management window.
Some customers have reported the temporary mitigation steps may need to be repeated for an affected user after some time.
・Current Status : We’ve identified a robust list of new workstreams and are prioritizing them in order to provide an effective remediation for the issue.
We remain fully engaged in each workstream and we’re making progress as rapidly as possible.
In parallel, we are also working to identify if there are any additional mitigations that customers can perform, in addition to the existing temporary workaround outlined in the ‘More Info’ section.
Multiple senior engineering leaders are helping drive each of the workstreams, and we are syncing regularly to progress each workstream with the highest priority.
・Scope of impact : The issue may potentially impact some users who are attempting to sign into Microsoft 365 desktop applications and are served through the affected infrastructure.
・Root cause : A web account manager plugin that facilitates desktop application authentication isn’t installed on the affected user devices.
・Next update by : Monday, August 22, 2022, 12:30 PM (3:30 AM UTC)

August 22, 2022 3:28 AM – Service restored

・Title : Some users may be unable to sign into Microsoft 365 desktop applications and encounter errors
・User Impact : Users may be unable to sign into Microsoft 365 desktop applications and encounter errors.
・More info : Microsoft 365 applications on the web and mobile apps are unaffected by this issue.
Users on an affected device may see a Microsoft 365 desktop application window either closed abruptly or never opened with no error message or pop-up displayed to the user.
In other scenarios some users will see ‘Need Password’ or ‘There is a problem with your account’ due to the issue.
Impacted users would be unable to connect to the affected desktop app even after attempting to login via the credential prompt, performing an app restart, or a device restart.
・Affected desktop applications include the following :
– Microsoft Teams desktop app
– Microsoft Outlook desktop app
– OneDrive for Business desktop app
– Microsoft Excel desktop app
– Microsoft PowerPoint desktop app
– Microsoft Word desktop app
As a potential temporary mitigation, admins can also work with Support to check if the affected plugin is installed, and if it’s not installed, work with Support to run the following “get-appxpackage” PowerShell command in user context :
Get-AppxPackage -Name “Microsoft.AAD.BrokerPlugin”
If the above package is missing nothing will be returned.
To reinstall the package run the below :
Add-AppxPackage -Register “C:\Windows\SystemApps\Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy\Appxmanifest.xml” -DisableDevelopmentMode -ForceApplicationShutdown.
Please note that depending on device access management settings from your organization, the re-install package may need to be run as the logged-on user with elevated admin rights.
To do this, an organization’s IT admin would temporarily add the user to the local administrator group on the device (if appropriate).
This can be done by going to the Local User Management window.
Some customers have reported the temporary mitigation steps may need to be repeated for an affected user after some time.
・Current Status : The mitigation package tested overnight did not resolve the issue as intended.
We’ve started numerous other workstreams based on the additional diagnostic information we have received from affected customers.
We’re analyzing the data logs to get to the root cause of the problem and determine next steps.
Senior leadership from Windows, Azure Active Directory, and Microsoft 365 are driving the issue and have engaged additional Microsoft resources to the investigation.
・Scope of impact : The issue may potentially impact some users who are attempting to sign into Microsoft 365 desktop applications and are served through the affected infrastructure.
・Root cause : A web account manager plugin that facilitates desktop application authentication isn’t installed on the affected user devices.
・Next update by : Monday, August 22, 2022, 8:30 AM (8/21/2022, 11:30 PM UTC)

August 21, 2022 10:11 PM – Service restored

・Title : Some users may be unable to sign into Microsoft 365 desktop applications and encounter errors
・User Impact : Users may be unable to sign into Microsoft 365 desktop applications and encounter errors.
・More info : Microsoft 365 applications on the web and mobile apps are unaffected by this issue.
Users on an affected device may see a Microsoft 365 desktop application window either closed abruptly or never opened with no error message or pop-up displayed to the user.
In other scenarios some users will see ‘Need Password’ or ‘There is a problem with your account’ due to the issue.
Impacted users would be unable to connect to the affected desktop app even after attempting to login via the credential prompt, performing an app restart, or a device restart.
・Affected desktop applications include the following :
– Microsoft Teams desktop app
– Microsoft Outlook desktop app
– OneDrive for Business desktop app
– Microsoft Excel desktop app
– Microsoft PowerPoint desktop app
– Microsoft Word desktop app
As a potential temporary mitigation, admins can also work with Support to check if the affected plugin is installed, and if it’s not installed, work with Support to run the following “get-appxpackage” PowerShell command in user context :
Get-AppxPackage -Name “Microsoft.AAD.BrokerPlugin”
If the above package is missing nothing will be returned.
To reinstall the package run the below :
Add-AppxPackage -Register “C:\Windows\SystemApps\Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy\Appxmanifest.xml” -DisableDevelopmentMode -ForceApplicationShutdown.
Please note that depending on device access management settings from your organization, the re-install package may need to be run as the logged-on user with elevated admin rights.
To do this, an organization’s IT admin would temporarily add the user to the local administrator group on the device (if appropriate).
This can be done by going to the Local User Management window.
Some customers have reported the temporary mitigation steps may need to be repeated for an affected user after some time.
・Current Status : We’re monitoring the progress of the repair testing, and we anticipate the results will become available for our review in the next 6 hours.
During this time, we’ve continued gathering data from reporting customers to support ongoing investigations into the potential root cause.
We understand this issue’s significant impact on affected users, and we’ll continue investigating any potential avenues to expedite the time to resolution.
・Scope of impact : The issue may potentially impact some users who are attempting to sign into Microsoft 365 desktop applications and are served through the affected infrastructure.
・Root cause : A web account manager plugin that facilitates desktop application authentication isn’t installed on the affected user devices.
・Next update by : Monday, August 22, 2022, 3:30 AM (8/21/2022, 6:30 PM UTC)

August 21, 2022 3:57 PM – Service restored

・Title : Some users may be unable to sign into Microsoft 365 desktop applications and encounter errors
・User Impact : Users may be unable to sign into Microsoft 365 desktop applications and encounter errors.
・More info : Microsoft 365 applications on the web and mobile apps are unaffected by this issue.
Users on an affected device may see a Microsoft 365 desktop application window either closed abruptly or never opened with no error message or pop-up displayed to the user.
In other scenarios some users will see ‘Need Password’ or ‘There is a problem with your account’ due to the issue.
Impacted users would be unable to connect to the affected desktop app even after attempting to login via the credential prompt, performing an app restart, or a device restart.
・Affected desktop applications include the following :
– Microsoft Teams desktop app
– Microsoft Outlook desktop app
– OneDrive for Business desktop app
– Microsoft Excel desktop app
– Microsoft PowerPoint desktop app
– Microsoft Word desktop app
As a potential temporary mitigation, admins can also work with Support to check if the affected plugin is installed, and if it’s not installed, work with Support to run the following “get-appxpackage” PowerShell command in user context :
Get-AppxPackage -Name “Microsoft.AAD.BrokerPlugin”
If the above package is missing nothing will be returned.
To reinstall the package run the below :
Add-AppxPackage -Register “C:\Windows\SystemApps\Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy\Appxmanifest.xml” -DisableDevelopmentMode -ForceApplicationShutdown.
Please note that depending on device access management settings from your organization, the re-install package may need to be run as the logged-on user with elevated admin rights.
To do this, an organization’s IT admin would temporarily add the user to the local administrator group on the device (if appropriate).
This can be done by going to the Local User Management window.
Some customers have reported the temporary mitigation steps may need to be repeated for an affected user after some time.
・Current Status : We’re initiating our repair package testing in production on an affected user from an impacted organization who is assisting our efforts to address this incident.
We want to ensure that the change we believe will mitigate the impact is thoroughly tested and doesn’t introduce any unintended side effects.
We understand this issue’s significant impact on your affected users and are striving to deliver a fix to remediate the problem effectively.
Additionally, we continue to review customer logs received over the last 24 hours and will initiate any necessary workstreams based on those findings.
・Scope of impact : The issue may potentially impact some users who are attempting to sign into Microsoft 365 desktop applications and are served through the affected infrastructure.
・Root cause : A web account manager plugin that facilitates desktop application authentication isn’t installed on the affected user devices.
・Next update by: Sunday, August 21, 2022, 11:00 PM (2:00 PM UTC)

August 21, 2022 11:10 AM – Service restored

・Title : Some users may be unable to sign into Microsoft 365 desktop applications and encounter errors
・User Impact : Users may be unable to sign into Microsoft 365 desktop applications and encounter errors.
・More info : Microsoft 365 applications on the web and mobile apps are unaffected by this issue.
Users on an affected device may see a Microsoft 365 desktop application window either closed abruptly or never opened with no error message or pop-up displayed to the user.
In other scenarios some users will see ‘Need Password’ or ‘There is a problem with your account’ due to the issue.
Impacted users would be unable to connect to the affected desktop app even after attempting to login via the credential prompt, performing an app restart, or a device restart.
・Affected desktop applications include the following :
– Microsoft Teams desktop app
– Microsoft Outlook desktop app
– OneDrive for Business desktop app
– Microsoft Excel desktop app
– Microsoft PowerPoint desktop app
– Microsoft Word desktop app
As a potential temporary mitigation, admins can also work with Support to check if the affected plugin is installed, and if it’s not installed, work with Support to run the following “get-appxpackage” PowerShell command in user context :
Get-AppxPackage -Name “Microsoft.AAD.BrokerPlugin”
If the above package is missing nothing will be returned.
To reinstall the package run the below :
Add-AppxPackage -Register “C:\Windows\SystemApps\Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy\Appxmanifest.xml” -DisableDevelopmentMode -ForceApplicationShutdown.
Please note that depending on device access management settings from your organization, the re-install package may need to be run as the logged-on user with elevated admin rights.
To do this, an organization’s IT admin would temporarily add the user to the local administrator group on the device (if appropriate).
This can be done by going to the Local User Management window.
Some customers have reported the temporary mitigation steps may need to be repeated for an affected user after some time.
・Current status : We’ve implemented the identified requirements to further improve the repair package and we’re making final preparations to perform a test in production in partnership with an affected customer.
We anticipate the result of this test will take some additional time and will likely become available for our review on Sunday, August 21, 2022.
We remain in contact with some affected customers who are assisting our work to gather critical data supporting our ongoing efforts to resolve this issue.
・Scope of impact : The issue may potentially impact some users who are attempting to sign into Microsoft 365 desktop applications and are served through the affected infrastructure.
・Root cause: A web account manager plugin that facilitates desktop application authentication isn’t installed on the affected user devices.
・Next update by: Sunday, August 21, 2022, 4:00 PM (7:00 AM UTC)

August 21, 2022 6:58 AM – Service restored

・Title : Some users may be unable to sign into Microsoft 365 desktop applications and encounter errors
・User Impact : Users may be unable to sign into Microsoft 365 desktop applications and encounter errors.
・More info : Microsoft 365 applications on the web and mobile apps are unaffected by this issue.
Users on an affected device may see a Microsoft 365 desktop application window either closed abruptly or never opened with no error message or pop-up displayed to the user.
In other scenarios some users will see ‘Need Password’ or ‘There is a problem with your account’ due to the issue.
Impacted users would be unable to connect to the affected desktop app even after attempting to login via the credential prompt, performing an app restart, or a device restart.
・Affected desktop applications include the following :
– Microsoft Teams desktop app
– Microsoft Outlook desktop app
– OneDrive for Business desktop app
– Microsoft Excel desktop app
– Microsoft PowerPoint desktop app
– Microsoft Word desktop app
As a potential temporary mitigation, admins can also work with Support to check if the affected plugin is installed, and if it’s not installed, work with Support to run the following “get-appxpackage” PowerShell command in user context :
Get-AppxPackage -Name “Microsoft.AAD.BrokerPlugin”
If the above package is missing nothing will be returned.
To reinstall the package run the below :
Add-AppxPackage -Register “C:\Windows\SystemApps\Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy\Appxmanifest.xml” -DisableDevelopmentMode -ForceApplicationShutdown.
Please note that depending on device access management settings from your organization, the re-install package may need to be run as the logged-on user with elevated admin rights.
To do this, an organization’s IT admin would temporarily add the user to the local administrator group on the device (if appropriate).
This can be done by going to the Local User Management window.
Some customers have reported the temporary mitigation steps may need to be repeated for an affected user after some time.
・Current status : We’ve completed an important validation checkpoint for the potential repair script with an affected customer.
We identified several additional requirements to include that will further improve the repair steps.
We’re now working to implement these updates within the repair, and we’re preparing to perform another round of testing the mitigation and further validation.
We remain engaged with some affected customers to gather critical data from those organizations to support our ongoing work to resolve this issue.
・Scope of impact : The issue may potentially impact some users who are attempting to sign into Microsoft 365 desktop applications and are served through the affected infrastructure.
・Root cause : A web account manager plugin that facilitates desktop application authentication isn’t installed on the affected user devices.
・Next update by : Sunday, August 21, 2022, 12:00 PM (3:00 AM UTC)

August 21, 2022 4:02 AM – Service restored

・Title : Some users may be unable to sign into Microsoft 365 desktop applications and encounter errors
・User Impact : Users may be unable to sign into Microsoft 365 desktop applications and encounter errors.
・More info : Microsoft 365 applications on the web and mobile apps are unaffected by this issue.
Users on an affected device may see a Microsoft 365 desktop application window either closed abruptly or never opened with no error message or pop-up displayed to the user.
In other scenarios some users will see ‘Need Password’ or ‘There is a problem with your account’ due to the issue.
Impacted users would be unable to connect to the affected desktop app even after attempting to login via the credential prompt, performing an app restart, or a device restart.
・Affected desktop applications include the following :
– Microsoft Teams desktop app
– Microsoft Outlook desktop app
– OneDrive for Business desktop app
– Microsoft Excel desktop app
– Microsoft PowerPoint desktop app
– Microsoft Word desktop app
As a potential temporary mitigation, admins can also work with Support to check if the affected plugin is installed, and if it’s not installed, work with Support to run the following “get-appxpackage” PowerShell command in user context :
Get-AppxPackage -Name “Microsoft.AAD.BrokerPlugin”
If the above package is missing nothing will be returned.
To reinstall the package run the below :
Add-AppxPackage -Register “C:\Windows\SystemApps\Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy\Appxmanifest.xml” -DisableDevelopmentMode -ForceApplicationShutdown.
Please note that depending on device access management settings from your organization, the re-install package may need to be run as the logged-on user with elevated admin rights.
To do this, an organization’s IT admin would temporarily add the user to the local administrator group on the device (if appropriate).
This can be done by going to the Local User Management window.
Some customers have reported the temporary mitigation steps may need to be repeated for an affected user after some time.
・Current status : We’re working to validate the results of the applied mitigation for one affected customer to confirm its efficacy.
Additionally, we’ve been able to reproduce the issue more consistently with some affected customers, reducing the investigation cycle time, and increasing the speed of our progress significantly.
In parallel, we’re expanding our remediation workstreams by incorporating more elements and improving the potential repair behavior.
・Scope of impact : The issue may potentially impact some users who are attempting to sign into Microsoft 365 desktop applications and are served through the affected infrastructure.
・Root cause : A web account manager plugin that facilitates desktop application authentication isn’t installed on the affected user devices.
・Next update by : Sunday, August 21, 2022, 7:00 AM (8/20/2022, 10:00 PM UTC)

August 20, 2022 10:36 PM – Service restored

・Title : Some users may be unable to sign into Microsoft 365 desktop applications and encounter errors
・User Impact : Users may be unable to sign into Microsoft 365 desktop applications and encounter errors.
・More info : Multiple Microsoft 365 desktop applications are impacted, including the following :
– Microsoft Teams desktop app
– Microsoft Outlook desktop app
– OneDrive for Business desktop app
– Microsoft Excel desktop app
– Microsoft PowerPoint desktop app
– Microsoft Word desktop app
While we’re focused on remediation, users can sign into the web, mobile, or both applications.
Admins can also work with Support to check if the affected plugin is installed, and if it’s not installed, work with Support to run the following “get-appxpackage” PowerShell command in user context : Get-AppxPackage -Name “Microsoft.AAD.BrokerPlugin”
If the package is missing nothing will be returned.
To reinstall the package run : Add-AppxPackage -Register “C:\Windows\SystemApps\Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy\Appxmanifest.xml” -DisableDevelopmentMode -ForceApplicationShutdown.
Please note that this may need to be run as the logged on user with elevated admin rights.
To do this, an organization’s IT admin needs to add the user to the local administrator group on the device.
This can be done by going to the Local User Management window.
Some customers have reported the temporary mitigation steps may need to be repeated for an affected user after some time.
・Current status : We’ve applied the mitigation to one of the affected customers and are monitoring it to confirm if it mitigates impact.
Meanwhile, we continue our investigation into the underlying cause and data log analysis, while also testing the potential fix.
・Scope of impact : The issue may potentially impact some users who are attempting to sign into Microsoft 365 desktop applications and are served through the affected infrastructure.
・Root cause : A web account manager plugin that facilitates desktop application authentication isn’t installed on the affected user devices.
・Next update by : Sunday, August 21, 2022, 4:00 AM (8/20/2022, 7:00 PM UTC)

August 20, 2022 3:18 PM – Service restored

・Title : Some users may be unable to sign into Microsoft 365 desktop applications and encounter errors
・User Impact : Users may be unable to sign into Microsoft 365 desktop applications and encounter errors.
・More info : Multiple Microsoft 365 desktop applications are impacted, including the following :
– Microsoft Teams desktop app
– Microsoft Outlook desktop app
– OneDrive for Business desktop app
– Microsoft Excel desktop app
– Microsoft PowerPoint desktop app
– Microsoft Word desktop app
While we’re focused on remediation, users can sign into the web, mobile, or both applications.
Admins can also work with Support to check if the affected plugin is installed, and if it’s not installed, work with Support to run the following “get-appxpackage” PowerShell command in user context :
Get-AppxPackage -Name “Microsoft.AAD.BrokerPlugin”
If the package is missing nothing will be returned.
To reinstall the package run :
Add-AppxPackage -Register “C:\Windows\SystemApps\Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy\Appxmanifest.xml” -DisableDevelopmentMode -ForceApplicationShutdown.
Please note that this may need to be run as the logged on user with elevated admin rights.
To do this, an organization’s IT admin needs to add the user to the local administrator group on the device.
This can be done by going to the Local User Management window.
Some customers have reported the temporary mitigation steps may need to be repeated for an affected user after some time.
・Current status : We’re preparing to assist one of the affected customers with the mitigations to determine validity.
In parallel, we will continue to provide updates throughout the weekend regarding the status of our root cause investigation, mitigation efforts, data log analysis, and the testing of our potential fix.
・Scope of impact : The issue may potentially impact some users who are attempting to sign into Microsoft 365 desktop applications and are served through the affected infrastructure.
・Root cause : A web account manager plugin that facilitates desktop application authentication isn’t installed on the affected user devices.
・Next update by : Saturday, August 20, 2022, 11:00 PM (2:00 PM UTC)

August 20, 2022 1:23 PM – Service restored

・Title : Some users may be unable to sign into Microsoft 365 desktop applications and encounter errors
・User Impact : Users may be unable to sign into Microsoft 365 desktop applications and encounter errors.
・More info : Multiple Microsoft 365 desktop applications are impacted, including the following :
– Microsoft Teams desktop app
– Microsoft Outlook desktop app
– OneDrive for Business desktop app
– Microsoft Excel desktop app
– Microsoft PowerPoint desktop app
– Microsoft Word desktop app
While we’re focused on remediation, users can sign into the web, mobile, or both applications.
Admins can also work with Support to check if the affected plugin is installed, and if it’s not installed, work with Support to run the following “get-appxpackage” PowerShell command in user context :
Get-AppxPackage -Name “Microsoft.AAD.BrokerPlugin”
If the package is missing nothing will be returned.
To reinstall the package run :
Add-AppxPackage -Register “C:\Windows\SystemApps\Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy\Appxmanifest.xml” -DisableDevelopmentMode -ForceApplicationShutdown.
Please note that this may need to be run as the logged on user with elevated admin rights.
To do this, an organization’s IT admin needs to add the user to the local administrator group on the device.
This can be done by going to the Local User Management window.
Some customers have reported the temporary mitigation steps may need to be repeated for an affected user after some time.
・Current status : Our testing efforts are ongoing and we will be collaborating with some of our affected customers throughout the weekend to determine if our fix is viable.
We are committed to treating this incident with the highest priority and urgency to ensure we reach resolution.
・Scope of impact : The issue may potentially impact some users who are attempting to sign into Microsoft 365 desktop applications and are served through the affected infrastructure.
・Root cause : A web account manager plugin that facilitates desktop application authentication isn’t installed on the affected user devices.
・Next update by : Saturday, August 20, 2022, 4:30 PM (7:30 AM UTC)

August 20, 2022 11:09 AM · クイック更新 – Service restored

We’re continuing to test our fix with some of the affected customers.
In parallel, our efforts to gather data and understand the cause of the issue are ongoing.
We will provide an update once more details become available.
This quick update is designed to give the latest information on this issue.

August 20, 2022 9:37 AM – Service restored

・Title : Some users may be unable to sign into Microsoft 365 desktop applications and encounter errors
・User Impact : Users may be unable to sign into Microsoft 365 desktop applications and encounter errors.
・More info : Multiple Microsoft 365 desktop applications are impacted, including the following :
– Microsoft Teams desktop app
– Microsoft Outlook desktop app
– OneDrive for Business desktop app
– Microsoft Excel desktop app
– Microsoft PowerPoint desktop app
– Microsoft Word desktop app
While we’re focused on remediation, users can sign into the web, mobile, or both applications.
Admins can also work with Support to check if the affected plugin is installed, and if it’s not installed, work with Support to run the following “get-appxpackage” PowerShell command in user context :
Get-AppxPackage -Name “Microsoft.AAD.BrokerPlugin”
If the package is missing nothing will be returned.
To reinstall the package run :
Add-AppxPackage -Register “C:\Windows\SystemApps\Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy\Appxmanifest.xml” -DisableDevelopmentMode -ForceApplicationShutdown.
Please note that this may need to be run as the logged on user with elevated admin rights.
To do this, an organization’s IT admin needs to add the user to the local administrator group on the device.
This can be done by going to the Local User Management window.
Some customers have reported the temporary mitigation steps may need to be repeated for an affected user after some time.
・Current status: We’ve internally validated a possible mitigation and are in the process of working with some of the affected customers to determine if it successfully remediates the issue.
Concurrently, our efforts to prevent new users from experiencing impact are ongoing.
To ensure we have all available information to proceed with our investigation, we’re continuing to capture diagnostic data that will assist in understanding the source of the problem.
We will continue to provide timely updates when new information becomes available.
・Scope of impact : The issue may potentially impact some users who are attempting to sign into Microsoft 365 desktop applications and are served through the affected infrastructure.
・Root cause : A web account manager plugin that facilitates desktop application authentication isn’t installed on the affected user devices.
・Next update by : Saturday, August 20, 2022, 1:30 PM (4:30 AM UTC)

August 20, 2022 8:18 AM – Service restored

・Title : Some users may be unable to sign into Microsoft 365 desktop applications and encounter errors
・User Impact : Users may be unable to sign into Microsoft 365 desktop applications and encounter errors.
・More info : Multiple Microsoft 365 desktop applications are impacted, including the following :
– Microsoft Teams desktop app
– Microsoft Outlook desktop app
– OneDrive for Business desktop app
– Microsoft Excel desktop app
– Microsoft PowerPoint desktop app
– Microsoft Word desktop app
While we’re focused on remediation, users can sign into the web, mobile, or both applications.
Admins can also work with Support to check if the affected plugin is installed, and if it’s not installed, work with Support to run the following “get-appxpackage” PowerShell command in user context :
Get-AppxPackage -Name “Microsoft.AAD.BrokerPlugin”
If the package is missing nothing will be returned.
To reinstall the package run :
Add-AppxPackage -Register “C:\Windows\SystemApps\Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy\Appxmanifest.xml” -DisableDevelopmentMode -ForceApplicationShutdown.
Please note that this may need to be run as the logged on user with elevated admin rights.
To do this, an organization’s IT admin needs to add the user to the local administrator group on the device.
This can be done by going to the Local User Management window.
Some customers have reported the temporary mitigation steps may need to be repeated for an affected user after some time.
・Current status : We’re in the process of testing a potential mitigation solution.
Once confirmed, we will work with some of the affected customers to validate the efficacy of this strategy and determine the most effective means to scale this activity.
In parallel, we are reviewing workstreams to prevent net new users from entering a state where this issue can occur.
Our efforts to gather additional diagnostic data are ongoing, and we remain committed to identifying and addressing the root cause of this issue.
We understand the significant impact this has had on your organization, and we are taking every measure available to resolve this issue.
・Scope of impact : The issue may potentially impact some users who are attempting to sign into Microsoft 365 desktop applications and are served through the affected infrastructure.
・Root cause : A web account manager plugin that facilitates desktop application authentication isn’t installed on the affected user devices.
・Next update by: Saturday, August 20, 2022, 10:30 AM (1:30 AM UTC)

August 20, 2022 6:00 AM – Service restored

・Title : Some users may be unable to sign into Microsoft 365 desktop applications and encounter errors
・User Impact : Users may be unable to sign into Microsoft 365 desktop applications and encounter errors.
・More info : Multiple Microsoft 365 desktop applications are impacted, including the following :
– Microsoft Teams desktop app
– Microsoft Outlook desktop app
– OneDrive for Business desktop app
– Microsoft Excel desktop app
– Microsoft PowerPoint desktop app
– Microsoft Word desktop app
While we’re focused on remediation, users can sign into the web, mobile, or both applications.
Admins can also work with Support to check if the affected plugin is installed, and if it’s not installed, work with Support to run the following “get-appxpackage” PowerShell command in user context :
Get-AppxPackage -Name “Microsoft.AAD.BrokerPlugin”
If the package is missing nothing will be returned.
To reinstall the package run :
Add-AppxPackage -Register “C:\Windows\SystemApps\Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy\Appxmanifest.xml” -DisableDevelopmentMode -ForceApplicationShutdown.
Please note that this may need to be run as the logged on user with elevated admin rights.
To do this, an organization’s IT admin needs to add the user to the local administrator group on the device.
This can be done by going to the Local User Management window.
Some customers have reported the temporary mitigation steps may need to be repeated for an affected user after some time.
・Current status: We’re continuing to review customer-provided data and are collecting net new diagnostic information derived from our recently implemented monitoring tools.
Our intent is to develop and validate a scalable solution over the weekend while also leveraging this time to identify the source of impact and deploy a comprehensive remediation.
We have multiple mitigation workstreams we are pursuing in parallel.
We are investigating this issue at our highest priority and will continue to provide additional information as it becomes available.
・Scope of impact : The issue may potentially impact some users who are attempting to sign into Microsoft 365 desktop applications and are served through the affected infrastructure.
・Root cause : A web account manager plugin that facilitates desktop application authentication isn’t installed on the affected user devices.
・Next update by : Saturday, August 20, 2022, 8:30 AM (8/19/2022, 11:30 PM UTC)

August 20, 2022 5:45 AM · クイック更新 – Service restored

Our focus remains on producing viable mitigation steps for affected customers, though our root cause analysis is ongoing in parallel.
We remain engaged directly with some affected customers and are augmenting our own telemetry with information provided by those organizations.
This quick update is designed to give the latest information on this issue.

August 20, 2022 4:29 AM – Service restored

・Title : Some users may be unable to sign into Microsoft 365 desktop applications and encounter errors
・User Impact : Users may be unable to sign into Microsoft 365 desktop applications and encounter errors.
・More info: Multiple Microsoft 365 desktop applications are impacted, including the following :
– Microsoft Teams desktop app
– Microsoft Outlook desktop app
– OneDrive for Business desktop app
– Microsoft Excel desktop app
– Microsoft PowerPoint desktop app
– Microsoft Word desktop app
While we’re focused on remediation, users can sign into the web, mobile, or both applications.
Admins can also work with Support to check if the affected plugin is installed, and if it’s not installed, work with Support to run the following “get-appxpackage” PowerShell command in user context :
Get-AppxPackage -Name “Microsoft.AAD.BrokerPlugin”
If the package is missing nothing will be returned.
To reinstall the package run :
Add-AppxPackage -Register “C:\Windows\SystemApps\Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy\Appxmanifest.xml” -DisableDevelopmentMode -ForceApplicationShutdown.
Please note that this may need to be run as the logged on user with elevated admin rights.
To do this, an organization’s IT admin needs to add the user to the local administrator group on the device.
This can be done by going to the Local User Management window.
Some customers have reported the temporary mitigation steps may need to be repeated for an affected user after some time.
・Current status : Through our review of the gathered diagnostic data, we’ve eliminated several potential causes of this issue and are making progress toward a viable mitigation strategy.
Our efforts to review file handle tables from within the Kernel Dump logs are ongoing. Furthermore, we’re continuing to collaborate with impacted customers to run process monitoring tasks to assist in isolating the source of the issue, and we’ve recently developed additional monitoring tools to aid in this effort.
・Scope of impact : The issue may potentially impact some users who are attempting to sign into Microsoft 365 desktop applications and are served through the affected infrastructure.
・Root cause : A web account manager plugin that facilitates desktop application authentication isn’t installed on the affected user devices.
・Next update by : Saturday, August 20, 2022, 6:00 AM (8/19/2022, 9:00 PM UTC)

August 20, 2022 2:59 AM – Service restored

・Title : Some users may be unable to sign into Microsoft 365 desktop applications and encounter errors
・User Impact : Users may be unable to sign into Microsoft 365 desktop applications and encounter errors.
・More info : Multiple Microsoft 365 desktop applications are impacted, including the following :
– Microsoft Teams desktop app
– Microsoft Outlook desktop app
– OneDrive for Business desktop app
– Microsoft Excel desktop app
– Microsoft PowerPoint desktop app
– Microsoft Word desktop app
While we’re focused on remediation, users can sign into the web, mobile, or both applications.
Admins can also work with Support to check if the affected plugin is installed, and if it’s not installed, work with Support to run the following “get-appxpackage” PowerShell command in user context :
Get-AppxPackage -Name “Microsoft.AAD.BrokerPlugin”
If the package is missing nothing will be returned.
To reinstall the package run :
Add-AppxPackage -Register “C:\Windows\SystemApps\Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy\Appxmanifest.xml” -DisableDevelopmentMode -ForceApplicationShutdown.
Please note that this needs to be run as the logged on user with elevated admin rights.
To do this, an organization’s IT admin would need to add the user to the local administrator group on the device.
This can be done by going to the Local User Management window.
Some customers have reported the temporary mitigation steps may need to be repeated for an affected user after some time.
・Current status : We’re pursuing multiple avenues of investigation generated from the diagnostic data gathered during European and Asian business hours.
We’re analyzing file handle tables from within the Kernel Dump logs, so that we can cross-reference with our ongoing code investigations.
・Scope of impact : The issue may potentially impact some users who are attempting to sign into Microsoft 365 desktop applications and are served through the affected infrastructure.
・Root cause : A web account manager plugin that facilitates desktop application authentication isn’t installed on the affected user devices.
・Next update by : Saturday, August 20, 2022, 4:30 AM (8/19/2022, 7:30 PM UTC)

August 20, 2022 1:51 AM · クイック更新 – Service restored

We continue to review Kernel Crash Dumps and DiagTrack logging to assist in identifying which service or process is holding a lock on a metadata folder.
This quick update is designed to give the latest information on this issue.

August 20, 2022 1:08 AM – Service restored

・Title : Some users may be unable to sign into Microsoft 365 desktop applications and encounter errors
・User Impact : Users may be unable to sign into Microsoft 365 desktop applications and encounter errors.
・More info : Multiple Microsoft 365 desktop applications are impacted, including the following :
– Microsoft Teams desktop app
– Microsoft Outlook desktop app
– OneDrive for Business desktop app
– Microsoft Excel desktop app
– Microsoft PowerPoint desktop app
– Microsoft Word desktop app
While we’re focused on remediation, users can sign into the web, mobile, or both applications.
Admins can also work with Support to check if the affected plugin is installed, and if it’s not installed, work with Support to run the following “get-appxpackage” PowerShell command in user context :
Get-AppxPackage -Name “Microsoft.AAD.BrokerPlugin”
If the package is missing nothing will be returned.
To reinstall the package run :
Add-AppxPackage -Register “C:\Windows\SystemApps\Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy\Appxmanifest.xml” -DisableDevelopmentMode -ForceApplicationShutdown.
Please note that this needs to be run as the logged on user with elevated admin rights.
To do this, an organization’s IT admin would need to add the user to the local administrator group on the device.
This can be done by going to the Local User Management window.
Some customers have reported the temporary mitigation steps may need to be repeated for an affected user after some time.
・Current status : Our investigation continues to progress.
Currently, we’re pursuing workstreams to understand the root cause and develop fixes to address two identified issues which are contributing to impact.
To further isolate and better understand the issue affecting AAD login leveraging the Microsoft.AAD.BrokerPlugin, we’ve worked with some affected users to implement detailed logging and have successfully gathered multiple Kernel Crash Dump logs from an affected device while the issue was occurring.
We’re performing data analysis of the gathered logs to assist our investigations into the root cause of what service or process is holding a lock and manifesting as the plugin being removed during a repair process.
In parallel, we’re continuing to examine a service repair action which would normally resolve this problem automatically but is not functioning as expected.
We’re preparing a potential fix for this issue, though implementation may take some time to complete.
Additionally, to assist in isolating what service or process is holding a lock, we implemented a change to gather further detailed diagnostics within the Diagnostics Tracker (DiagTrack) service, which gathers Windows device diagnostics.
・Scope of impact : The issue may potentially impact some users who are attempting to sign into Microsoft 365 desktop applications and are served through the affected infrastructure.
・Root cause : A web account manager plugin that facilitates desktop application authentication isn’t installed on the affected user devices.
・Next update by: Saturday, August 20, 2022, 3:00 AM (8/19/2022, 6:00 PM UTC)

August 19, 2022 1:58 PM – Service restored

・Title : Some users may be unable to sign into Microsoft 365 desktop applications and encounter errors
・User Impact : Users may be unable to sign into Microsoft 365 desktop applications and encounter errors.
・More info : Multiple Microsoft 365 desktop applications are impacted, including the following :
– Microsoft Teams desktop app
– Microsoft Outlook desktop app
– OneDrive for Business desktop app
– Microsoft Excel desktop app
– Microsoft PowerPoint desktop app
– Microsoft Word desktop app
While we’re focused on remediation, users can sign into the web, mobile, or both applications.
Admins can also work with Support to check if the affected plugin is installed, and if it’s not installed, work with Support to run the following “get-appxpackage” PowerShell command in user context :
Get-AppxPackage -Name “Microsoft.AAD.BrokerPlugin”
If the package is missing nothing will be returned.
To reinstall the package run :
Add-AppxPackage -Register “C:\Windows\SystemApps\Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy\Appxmanifest.xml” -DisableDevelopmentMode -ForceApplicationShutdown.
Some customers have reported the temporary mitigation steps may need to be repeated for an affected user after some time.
・Current status : We’re continuing to develop potential remediation options that we can test on affected devices for efficacy.
If your organization is continuing to experience impact related to this incident, please contact our support teams to coordinate a live repro session so we can capture further data for our investigation.
・Scope of impact : The issue may potentially impact some users who are attempting to sign into Microsoft 365 desktop applications and are served through the affected infrastructure.
・Root cause : A web account manager plugin that facilitates desktop application authentication isn’t installed on the affected user devices.
・Next update by : Friday, August 19, 2022, 4:00 PM (7:00 AM UTC)

August 19, 2022 3:19 PM – Service restored

・Title : Some users may be unable to sign into Microsoft 365 desktop applications and encounter errors
・User Impact : Users may be unable to sign into Microsoft 365 desktop applications and encounter errors.
・More info : Multiple Microsoft 365 desktop applications are impacted, including the following :
– Microsoft Teams desktop app
– Microsoft Outlook desktop app
– OneDrive for Business desktop app
– Microsoft Excel desktop app
– Microsoft PowerPoint desktop app
– Microsoft Word desktop app
While we’re focused on remediation, users can sign into the web, mobile, or both applications.
Admins can also work with Support to check if the affected plugin is installed, and if it’s not installed, work with Support to run the following “get-appxpackage” PowerShell command in user context :
Get-AppxPackage -Name “Microsoft.AAD.BrokerPlugin”
If the package is missing nothing will be returned.
To reinstall the package run :
Add-AppxPackage -Register “C:\Windows\SystemApps\Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy\Appxmanifest.xml” -DisableDevelopmentMode -ForceApplicationShutdown.
Some customers have reported the temporary mitigation steps may need to be repeated for an affected user after some time.
・Current status : We’re continuing to treat this incident with the highest urgency and priority.
We will continue actively monitoring the situation overnight while we’re pursuing the root cause and making progress on remediation options.
・Scope of impact : The issue may potentially impact some users who are attempting to sign into Microsoft 365 desktop applications and are served through the affected infrastructure.
・Root cause : A web account manager plugin that facilitates desktop application authentication isn’t installed on the affected user devices.
・Next update by : Saturday, August 20, 2022, 2:00 AM (8/19/2022, 5:00 PM UTC)

August 19, 2022 1:58 PM – Service restored

・Title : Some users may be unable to sign into Microsoft 365 desktop applications and encounter errors
・User Impact : Users may be unable to sign into Microsoft 365 desktop applications and encounter errors.
・More info : Multiple Microsoft 365 desktop applications are impacted, including the following :
– Microsoft Teams desktop app
– Microsoft Outlook desktop app
– OneDrive for Business desktop app
– Microsoft Excel desktop app
– Microsoft PowerPoint desktop app
– Microsoft Word desktop app
While we’re focused on remediation, users can sign into the web, mobile, or both applications.
Admins can also work with Support to check if the affected plugin is installed, and if it’s not installed, work with Support to run the following “get-appxpackage” PowerShell command in user context :
Get-AppxPackage -Name “Microsoft.AAD.BrokerPlugin” If the package is missing nothing will be returned.
To reinstall the package run :
Add-AppxPackage -Register “C:\Windows\SystemApps\Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy\Appxmanifest.xml” -DisableDevelopmentMode -ForceApplicationShutdown.
Some customers have reported the temporary mitigation steps may need to be repeated for an affected user after some time.
・Current status : We’re continuing to develop potential remediation options that we can test on affected devices for efficacy.
If your organization is continuing to experience impact related to this incident, please contact our support teams to coordinate a live repro session so we can capture further data for our investigation.
・Scope of impact : The issue may potentially impact some users who are attempting to sign into Microsoft 365 desktop applications and are served through the affected infrastructure.
・Root cause : A web account manager plugin that facilitates desktop application authentication isn’t installed on the affected user devices.
・Next update by : Friday, August 19, 2022, 4:00 PM (7:00 AM UTC)

August 19, 2022 1:21 PM · クイック更新 – Service restored

We’ve made progress on a possible remediation, but it will require additional verification and testing on local devices before we can determine how best to deliver the fix.
In parallel, we’re working with some affected users to coordinate live repro sessions with impacted devices to allow for direct troubleshooting and capturing fresh logs.
This quick update is designed to give the latest information on this issue.

August 19, 2022 11:58 AM – Service restored

・Title : Some users may be unable to sign into Microsoft 365 desktop applications and encounter errors
・User Impact : Users may be unable to sign into Microsoft 365 desktop applications and encounter errors.
・More info : Multiple Microsoft 365 desktop applications are impacted, including the following :
– Microsoft Teams desktop app
– Microsoft Outlook desktop app
– OneDrive for Business desktop app
– Microsoft Excel desktop app
– Microsoft PowerPoint desktop app
– Microsoft Word desktop app
While we’re focused on remediation, users can sign into the web, mobile, or both applications.
Admins can also work with Support to check if the affected plugin is installed, and if it’s not installed, work with Support to run the following “get-appxpackage” PowerShell command in user context :
Get-AppxPackage -Name “Microsoft.AAD.BrokerPlugin” If the package is missing nothing will be returned.
To reinstall the package run :
Add-AppxPackage -Register “C:\Windows\SystemApps\Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy\Appxmanifest.xml” -DisableDevelopmentMode -ForceApplicationShutdown.
Some customers have reported the temporary mitigation steps may need to be repeated for an affected user after some time.
・Current status : We’ve eliminated a potential root cause and we’re shifting our efforts onto other lines of investigation by leveraging the diagnostic data and telemetry that we’ve gathered and the internal testing we’ve done.
We’re working with impacted users to gather more active data through ProcMon and coordination with support.
・Scope of impact : The issue may potentially impact some users who are attempting to sign into Microsoft 365 desktop applications and are served through the affected infrastructure.
・Root cause : A web account manager plugin that facilitates desktop application authentication isn’t installed on the affected user devices.
・Next update by : Friday, August 19, 2022, 2:00 PM (5:00 AM UTC)

August 19, 2022 11:16 AM · クイック更新 – Service restored

Our investigation into the potential root causes is resuming as further testing indicates that our hypothesis is not fully accounting for the state of the Microsoft.AAD.BrokerPlugin on the affected devices.
Concurrently, we are exploring more durable remediation options that can be provided to affected customers.
This quick update is designed to give the latest information on this issue.

August 19, 2022 10:08 AM · クイック更新 – Service restored

We’ve identified a possible root cause for the service repair action failing which would lead to the Microsoft.AAD.BrokerPlugin being removed from affected devices.
We’re testing internally and correlating with reporting customers to gather supporting evidence for this hypothesis.
This quick update is designed to give the latest information on this issue.

August 19, 2022 9:38 AM – Service restored

・Title : Some users may be unable to sign into Microsoft 365 desktop applications and encounter errors
・User Impact : Users may be unable to sign into Microsoft 365 desktop applications and encounter errors.
・More info : Multiple Microsoft 365 desktop applications are impacted, including the following :
– Microsoft Teams desktop app
– Microsoft Outlook desktop app
– OneDrive for Business desktop app
– Microsoft Excel desktop app
– Microsoft PowerPoint desktop app
– Microsoft Word desktop app
While we’re focused on remediation, users can sign into the web, mobile, or both applications.
Admins can also work with Support to check if the affected plugin is installed, and if it’s not installed, work with Support to run the following “get-appxpackage” PowerShell command in user context :
Get-AppxPackage -Name “Microsoft.AAD.BrokerPlugin” If the package is missing nothing will be returned.
To reinstall the package run :
Add-AppxPackage -Register “C:\Windows\SystemApps\Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy\Appxmanifest.xml” -DisableDevelopmentMode -ForceApplicationShutdown.
Some customers have reported the temporary mitigation steps may need to be repeated for an affected user after some time.
・Current status : We’re continuing our efforts to investigate the source of the Microsoft.AAD.BrokerPlugin impact and the service repair function.
In parallel, we’re gathering further extensive diagnostic data from our telemetry, impacted users, and our internal testing to better understand the sources of the problem.
・Scope of impact : The issue may potentially impact some users who are attempting to sign into Microsoft 365 desktop applications and are served through the affected infrastructure.
・Root cause : A web account manager plugin that facilitates desktop application authentication isn’t installed on the affected user devices.
・Next update by : Friday, August 19, 2022, 12:00 PM (3:00 AM UTC)

August 19, 2022 8:33 AM・クイック更新 – Service restored

We’ve reproduced the issue internally and have begun testing the service repair action to determine why it is not functioning as expected.
In parallel, we continue working with impacted customers to gather additional telemetry to aid our investigation into why the service repair action process was being triggered for this subset of customers.
This quick update is designed to give the latest information on this issue.

August 19, 2022 7:47 AM – Service restored

・Title : Some users may be unable to sign into Microsoft 365 desktop applications and encounter errors
・User Impact : Users may be unable to sign into Microsoft 365 desktop applications and encounter errors.
・More info : Multiple Microsoft 365 desktop applications are impacted, including the following :
– Microsoft Teams desktop app
– Microsoft Outlook desktop app
– OneDrive for Business desktop app
– Microsoft Excel desktop app
– Microsoft PowerPoint desktop app
– Microsoft Word desktop app
While we’re focused on remediation, users can sign into the web, mobile, or both applications.
Admins can also work with Support to check if the affected plugin is installed, and if it’s not installed, work with Support to run the following “get-appxpackage” PowerShell command in user context :
Get-AppxPackage -Name “Microsoft.AAD.BrokerPlugin”
If the package is missing nothing will be returned.
To reinstall the package run :
Add-AppxPackage -Register “C:\Windows\SystemApps\Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy\Appxmanifest.xml” -DisableDevelopmentMode -ForceApplicationShutdown.
Some customers have reported the temporary mitigation steps may need to be repeated for an affected user after some time.
・Current status : We’re tracking two known issues related to this incident.
First, an impact scenario we are still investigating that affects Microsoft.AAD.BrokerPlugin and is impacting AAD login.
Additionally, a service repair action which would normally resolve this automatically is not functioning as expected.
We’re working to address both of the identified aspects of this issue with high priority and continuing to review customer data and service telemetry.
・Scope of impact : The issue may potentially impact some users who are attempting to sign into Microsoft 365 desktop applications and are served through the affected infrastructure.
・Root cause : A web account manager plugin that facilitates desktop application authentication isn’t installed on the affected user devices.
・Next update by : Friday, August 19, 2022, 10:00 AM (1:00 AM UTC)

August 19, 2022 4:35 AM · クイック更新 – Service restored

We’re continuing to gather actionable data from reporting customers and closely examining any relevant service deployments that occurred on or around the date when reports were first received.
We’re also examining potential 3rd-party apps and dependencies that could be contributing to the problem while we analyze commonalities between affected users and their respective configurations.
This quick update is designed to give the latest information on this issue.

August 19, 2022 3:58 AM – Service restored

・Title : Some users may be unable to sign into Microsoft 365 desktop applications and encounter errors
・User Impact : Users may be unable to sign into Microsoft 365 desktop applications and encounter errors.
・More info : Multiple Microsoft 365 desktop applications are impacted, including the following :
– Microsoft Teams desktop app
– Microsoft Outlook desktop app
– OneDrive for Business desktop app
– Microsoft Excel desktop app
– Microsoft PowerPoint desktop app
– Microsoft Word desktop app
While we’re focused on remediation, users can sign into the web, mobile, or both applications.
Admins can also work with Support to check if the affected plugin is installed, and if it’s not installed, work with Support to run the following “get-appxpackage” PowerShell command in user context :
Get-AppxPackage -Name “Microsoft.AAD.BrokerPlugin”
If the package is missing nothing will be returned.
To reinstall the package run :
Add-AppxPackage -Register “C:\Windows\SystemApps\Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy\Appxmanifest.xml” -DisableDevelopmentMode -ForceApplicationShutdown.
Some customers have reported the temporary mitigation steps may need to be repeated for an affected user after some time.
・Current status : We’re continuing our efforts to gather required data for our investigation to identify why the plugin (Microsoft.AAD.BrokerPlugin) is being removed.
Our current actions to gather data and investigate available service telemetry will inform next steps.
・Scope of impact : The issue may potentially impact some users who are attempting to sign into Microsoft 365 desktop applications and are served through the affected infrastructure.
・Root cause : A web account manager plugin that facilitates desktop application authentication isn’t installed on the affected user devices.
・Next update by: Friday, August 19, 2022, 6:00 AM (8/18/2022, 9:00 PM UTC)

August 19, 2022 2:22 AM · クイック更新 – Service restored

In addition to the investigative avenues described previously, we’re also examining case history and older service events as we work toward a solution for the current problem.
This quick update is designed to give the latest information on this issue.

August 19, 2022 2:00 AM · クイック更新 – Service restored

We’re engaging with some impacted customers to activate advanced logging on impacted devices.
Additionally, we’re looking at commonalities in Antivirus services, applications and properties on affected devices.
This quick update is designed to give the latest information on this issue.

August 19, 2022 1:51 AM – Service restored

・Title : Some users may be unable to sign into Microsoft 365 desktop applications and encounter errors
・User Impact : Users may be unable to sign into Microsoft 365 desktop applications and encounter errors.
・More info : Multiple Microsoft 365 desktop applications are impacted, including the following :
– Microsoft Teams desktop app
– Microsoft Outlook desktop app
– OneDrive for Business desktop app
– Microsoft Excel desktop app
– Microsoft PowerPoint desktop app
– Microsoft Word desktop app
While we’re focused on remediation, users can sign into the web, mobile, or both applications.
Admins can also work with Support to check if the plugin is installed, and if it’s not installed, work with Support to run the following “get-appxpackage” PowerShell command in user context :
Get-AppxPackage -Name “Microsoft.AAD.BrokerPlugin”
If the package is missing nothing will be returned.
To reinstall the package run :
Add-AppxPackage -Register “C:\Windows\SystemApps\Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy\Appxmanifest.xml” -DisableDevelopmentMode -ForceApplicationShutdown.
・Current status : We’re performing additional live diagnostics to isolate what is causing the affected plugin to be removed from user devices.
While our investigation is ongoing, we encourage users and admins who are able to follow the steps described in the “more info” section above to temporarily mitigate the impact from this issue.
・Scope of impact : The issue may potentially impact some users who are attempting to sign into Microsoft 365 desktop applications.
・Root cause : A web account manager plugin that facilitates desktop application authentication isn’t present on the affected user devices.
・Next update by: Friday, August 19, 2022, 4:00 AM (8/18/2022, 7:00 PM UTC)

August 18, 2022 8:17 AM – Service restored

・Title : Some users may be unable to sign into Microsoft 365 desktop applications and encounter errors
・User impact : Users may be unable to sign into Microsoft 365 desktop applications and encounter errors.
・More info : Multiple Microsoft 365 desktop applications are impacted, including the following :
– Microsoft Teams desktop app
– Microsoft Outlook desktop app
– OneDrive for Business desktop app
– Microsoft Excel desktop app
– Microsoft PowerPoint desktop app
– Microsoft Word desktop app
While we’re focused on remediation, users can sign into the web, mobile, or both applications.
Admins can also work with Support to check if the plugin is installed, and if it’s not installed, work with Support to run the following “get-appxpackage” PowerShell command in user context :
Get-AppxPackage -Name “Microsoft.AAD.BrokerPlugin”
If the package is missing nothing will be returned.
To reinstall the package run :
Add-AppxPackage -Register “C:\Windows\SystemApps\Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy\Appxmanifest.xml” -DisableDevelopmentMode -ForceApplicationShutdown.
・Current status : We received additional reproduction logs from impacted users and we’re reviewing them to help us identify the cause of impact and next steps to address this issue.
Due to the complexity of the scenario this will take some additional time.
・Scope of impact : Your organization is affected by this event, and some users attempting to sign into Microsoft 365 desktop applications are impacted.
・Root cause : A web account manager plugin that facilitates desktop application authentication isn’t installed on the affected user devices.
・Next update by : Thursday, August 18, 2022, 1:00 PM (4:00 AM UTC)

August 18, 2022 5:54 AM – Service restored

・Title : Some users may be unable to sign into Microsoft 365 desktop applications and encounter errors
・User impact : Users may be unable to sign into Microsoft 365 desktop applications and encounter errors.
・More info : Multiple Microsoft 365 desktop applications are impacted, including the following :
– Microsoft Teams desktop app
– Microsoft Outlook desktop app
– OneDrive for Business desktop app
– Microsoft Excel desktop app
– Microsoft PowerPoint desktop app
– Microsoft Word desktop app
While we’re focused on remediation, users can sign into the web, mobile, or both applications.
Admins can also work with Support to check if the plugin is installed, and if it’s not installed, work with Support to run the following “get-appxpackage” PowerShell command in user context :
Get-AppxPackage -Name “Microsoft.AAD.BrokerPlugin”
If the package is missing nothing will be returned.
To reinstall the package run :
Add-AppxPackage -Register “C:\Windows\SystemApps\Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy\Appxmanifest.xml” -DisableDevelopmentMode -ForceApplicationShutdown.
・Current status : We’ve updated the suggested PowerShell command to run when working with support to reinstall the package run as a potential mitigation based on feedback from affected users.
We’re continuing to work with affected users to reproduce the issue, troubleshoot, and collect additional logs to further our understanding of the problem and formulate a remediation plan moving forward.
・Scope of impact : Your organization is affected by this event, and some users attempting to sign into Microsoft 365 desktop applications are impacted.
・Root cause : A web account manager plugin that facilitates desktop application authentication isn’t installed on the affected user devices.
・Next update by : Thursday, August 18, 2022, 8:30 AM (8/17/2022, 11:30 PM UTC)

August 18, 2022 3:49 AM – Service restored

・Title : Some users may be unable to sign into Microsoft 365 desktop applications and encounter errors
・User impact : Users may be unable to sign into Microsoft 365 desktop applications and encounter errors.
・More info : Multiple Microsoft 365 desktop applications are impacted, including the following :
– Microsoft Teams desktop app
– Microsoft Outlook desktop app
– OneDrive for Business desktop app
– Microsoft Excel desktop app
– Microsoft PowerPoint desktop app
– Microsoft Word desktop app
While we’re focused on remediation, users can sign into the web, mobile, or both applications.
Admins can also work with Support to check if the plugin is installed, and if it’s not installed, work with Support to run the following “get-appxpackage” PowerShell command in user context :
Get-AppxPackage -Name “Microsoft.AAD.BrokerPlugin”
If the package is missing nothing will be returned.
To reinstall the package run :
Add-AppxPackage -Register “C:\Windows\SystemApps\Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy\Appxmanifest.xml” -DisableDevelopmentMode -ForceApplicationShutdown.
・Current status : Our investigation thus far has been inconclusive in determining the underlaying cause of this issue.
We’re reviewing Process Monitor logs and working to reproduce the issue with affected users to collect additional analytical data, further our understanding of the impacting scenario, and determine our next troubleshooting steps.
・Scope of impact : Your organization is affected by this event, and some users attempting to sign into Microsoft 365 desktop applications are impacted.
・Root cause : A web account manager plugin that facilitates desktop app authentication isn’t installed on the affected user devices.
・Next update by : Thursday, August 18, 2022, 6:00 AM (8/17/2022, 9:00 PM UTC)

August 17, 2022 3:07 PM – Service restored

・Title : Some users may be unable to sign into Microsoft 365 desktop applications and encounter errors
・User impact : Users may be unable to sign into Microsoft 365 desktop applications and encounter errors.
・More info : Multiple Microsoft 365 desktop applications are impacted, including the following :
– Microsoft Teams desktop app
– Microsoft Outlook desktop app
– OneDrive for Business desktop app
– Microsoft Excel desktop app
– Microsoft PowerPoint desktop app
– Microsoft Word desktop app
While we’re focused on remediation, users can sign into the web, mobile, or both applications.
Admins can also work with Support to check if the plugin is installed, and if it’s not installed, work with Support to run the following “get-appxpackage” PowerShell command in user context :
Get-AppxPackage -Name “Microsoft.AAD.BrokerPlugin”
If the package is missing nothing will be returned.
To reinstall the package run :
Add-AppxPackage -Register “C:\Windows\SystemApps\Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy\Appxmanifest.xml” -DisableDevelopmentMode -ForceApplicationShutdown.
・Current status : We’re analyzing debug logs provided by some affected users to determine why the web account manager plugin that facilitates desktop app authentication isn’t installed on the affected user devices.
Once that is identified, we’ll be able to develop a fix.
We’re also reaching out to some affected users to see if affected devices installed any antivirus updates recently, which will help us determine why only some devices are impacted.
・Scope of impact : The issue may potentially impact any users attempting to sign into Microsoft 365 desktop applications and are served through the affected infrastructure.
・Root cause : A web account manager plugin that facilitates desktop app authentication isn’t installed on the affected user devices.
・Next update by : Thursday, August 18, 2022, 4:00 AM (8/17/2022, 7:00 PM UTC)

August 17, 2022 12:47 PM – Service restored

・Title : Some users may be unable to sign into Microsoft 365 desktop applications and encounter errors
・User impact : Users may be unable to sign into Microsoft 365 desktop applications and encounter errors.
・More info : Multiple Microsoft 365 desktop applications are impacted, including the following :
– Microsoft Teams desktop app
– Microsoft Outlook desktop app
– OneDrive for Business desktop app
– Microsoft Excel desktop app
– Microsoft PowerPoint desktop app
– Microsoft Word desktop app
While we’re focused on remediation, users can sign into the web, mobile, or both applications.
Admins can also work with Support to check if the plugin is installed, and if it’s not installed, work with Support to run the following “get-appxpackage” PowerShell command in user context :
Get-AppxPackage -Name “Microsoft.AAD.BrokerPlugin”
If the package is missing nothing will be returned.
To reinstall the package run :
Add-AppxPackage -Register “C:\Windows\SystemApps\Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy\Appxmanifest.xml” -DisableDevelopmentMode -ForceApplicationShutdown.
・Current status : We’ve determined that a web account manager plugin that facilitates desktop app authentication isn’t installed on the affected user devices.
We’ve confirmed with some affected users that manually reinstalling the component remediates the impact.
We’re working to determine why the plugin isn’t installed so we can develop a fix.
While we’re doing that, admins can work with Support to check if the plugin is installed, and if it’s not installed, work with Support to run a “get-appxpackage” PowerShell command in user context.
・Scope of impact : The issue may potentially impact any users attempting to sign into Microsoft 365 desktop applications and are served through the affected infrastructure.
・Root cause : A web account manager plugin that facilitates desktop app authentication isn’t installed on the affected user devices.
・Next update by: Wednesday, August 17, 2022, 3:00 PM (6:00 AM UTC)

August 17, 2022 10:27 AM – Service restored

・Title : Some users may be unable to sign into Microsoft 365 desktop applications and encounter errors
・User impact : Users may be unable to sign into Microsoft 365 desktop applications and encounter errors.
・More info: Multiple Microsoft 365 desktop applications are impacted, including the following :
– Microsoft Teams desktop app
– Microsoft Outlook desktop app
– OneDrive for Business desktop app
– Microsoft Excel desktop app
– Microsoft PowerPoint desktop app
– Microsoft Word desktop app
While we’re focused on remediation, users can sign into the web, mobile, or both applications.
Admins can also work with Support to check if the plugin is installed, and if it’s not installed, work with Support to run the following “get-appxpackage” PowerShell command in user context :
Get-AppxPackage -Name “Microsoft.AAD.BrokerPlugin”
If the package is missing nothing will be returned.
To reinstall the package run :
Add-AppxPackage -Register “C:\Windows\SystemApps\Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy\Appxmanifest.xml” -DisableDevelopmentMode -ForceApplicationShutdown.
・Current status : We’re analyzing web account manager logs provided by some affected users to determine the source of the impact.
・Scope of impact : The issue may potentially impact any users attempting to sign into Microsoft 365 desktop applications and are served through the affected infrastructure.
・Next update by : Wednesday, August 17, 2022, 12:30 PM (3:30 AM UTC)

August 17, 2022 9:39 AM – Service restored

・Title : Some users may be unable to sign into Microsoft 365 desktop applications and encounter errors
・User impact : Users may be unable to sign into Microsoft 365 desktop applications and encounter errors.
・More info : Multiple Microsoft 365 desktop applications are impacted, including the following :
– Microsoft Teams desktop app
– Microsoft Outlook desktop app
– OneDrive for Business desktop app
– Microsoft Excel desktop app
– Microsoft PowerPoint desktop app
– Microsoft Word desktop app
While we’re focused on remediation, users can sign into the web, mobile, or both applications.
・Current status : We’re investigating a potential issue and checking for impact to your organization.
We’ll provide an update within 30 minutes.

Microsoft Store をチェックするなら、このボタンをタップ

Microsoft 365 suite 関連記事一覧

・【トラブルシューティング】Microsoft 365 管理センター内にて Microsoft Teams、E メールのストレージ、グループアクティビティレポート等が更新されない問題が発生【MO289071】

Microsoft 365 suite のメッセージセンター関連情報一覧

Microsoft 365 suite のメッセージセンター関連記事一覧

Microsoft 365 suite サービス正常性関連記事一覧

Microsoft Store をチェックするなら、このボタンをタップ

目次

Some users may be unable to sign into Microsoft 365 desktop applications and encounter errors – MO414814

Post Incident Repot（PIR）

Incident Information

User Impact

Scope of Impact

Incident Start Date and Time

Incident End Date and Time

Root Cause

Actions Taken (All times UTC)

Tuesday, August 16

Wednesday, August 17

Thursday, August 18

Friday, August 19

Saturday, August 20

Sunday, August 21

Monday, August 22

Tuesday, August 23

Wednesday, August 24

Thursday, August 25

Friday, August 26

August 27 – 31

September 1 – 2

Next Steps

September 3, 2022 6:52 AM – Service restored

September 1, 2022 7:01 AM – Service restored

September 3, 2022 6:52 AM – Service restored

August 30, 2022 6:26 AM – Service restored

August 26, 2022 3:58 AM – Service restored

August 24, 2022 2:28 AM – Service restored

August 23, 2022 3:54 PM – Service restored

August 23, 2022 11:30 AM – Service restored

August 23, 2022 6:00 AM – Service restored

August 23, 2022 4:01 AM – Service restored

August 23, 2022 1:35 AM – Service restored

August 22, 2022 8:14 PM – Service restored

August 22, 2022 4:30 PM – Service restored

August 22, 2022 12:29 PM – Service restored

August 22, 2022 8:29 AM – Service restored

August 22, 2022 3:28 AM – Service restored

August 21, 2022 10:11 PM – Service restored

August 21, 2022 3:57 PM – Service restored

August 21, 2022 11:10 AM – Service restored

August 21, 2022 6:58 AM – Service restored

August 21, 2022 4:02 AM – Service restored

August 20, 2022 10:36 PM – Service restored

August 20, 2022 3:18 PM – Service restored

August 20, 2022 1:23 PM – Service restored

August 20, 2022 11:09 AM · クイック更新 – Service restored

August 20, 2022 9:37 AM – Service restored

August 20, 2022 8:18 AM – Service restored

August 20, 2022 6:00 AM – Service restored

August 20, 2022 5:45 AM · クイック更新 – Service restored

August 20, 2022 4:29 AM – Service restored

August 20, 2022 2:59 AM – Service restored

August 20, 2022 1:51 AM · クイック更新 – Service restored

August 20, 2022 1:08 AM – Service restored

August 19, 2022 1:58 PM – Service restored

August 19, 2022 3:19 PM – Service restored

August 19, 2022 1:58 PM – Service restored

August 19, 2022 1:21 PM · クイック更新 – Service restored

August 19, 2022 11:58 AM – Service restored

August 19, 2022 11:16 AM · クイック更新 – Service restored

August 19, 2022 10:08 AM · クイック更新 – Service restored

August 19, 2022 9:38 AM – Service restored

August 19, 2022 8:33 AM・クイック更新 – Service restored

August 19, 2022 7:47 AM – Service restored

August 19, 2022 4:35 AM · クイック更新 – Service restored

August 19, 2022 3:58 AM – Service restored

August 19, 2022 2:22 AM · クイック更新 – Service restored

August 19, 2022 2:00 AM · クイック更新 – Service restored

August 19, 2022 1:51 AM – Service restored

August 18, 2022 8:17 AM – Service restored

August 18, 2022 5:54 AM – Service restored

August 18, 2022 3:49 AM – Service restored

August 17, 2022 3:07 PM – Service restored

August 17, 2022 12:47 PM – Service restored

August 17, 2022 10:27 AM – Service restored

August 17, 2022 9:39 AM – Service restored

Microsoft 365 suite 関連記事一覧

Microsoft 365 suite のメッセージセンター関連情報一覧

Microsoft 365 suite サービス正常性関連記事一覧

コメントを残すコメントをキャンセル