Users’ device configuration policy changes may not be enforced in Microsoft Defender for Endpoint

Title: Users’ device configuration policy changes may not be enforced in Microsoft Defender for Endpoint

User impact: Users’ device configuration policy changes may not have been enforced in Microsoft Defender for Endpoint.

More info: This impact was limited to new device configuration policies or new changes to existing policies that were implemented during the impact period. Existing device configuration policies weren’t affected.

Final status: Our investigation has determined that an authentication component of Microsoft Defender for Endpoint infrastructure responsible for applying the affected policy changes encountered an error that caused it to enter an inoperative state, leading to impact. We implemented a configuration change to resolve the infrastructure error, and our service health telemetry has confirmed that this action has restored the pathway responsible for applying policy changes and impact is remediated.

Scope of impact: Any user attempting to implement device configuration policy changes during the impact period may have been impacted.

Start time: Thursday, April 11, 2024, at 8:30 AM UTC

End time: Thursday, April 11, 2024, at 8:12 PM UTC

Root cause: An authentication component of Microsoft Defender for Endpoint infrastructure responsible for applying the affected policy changes encountered an error that caused it to enter an inoperative state, leading to impact.

Next steps:
– We’re analyzing the affected component of infrastructure to assist us in identifying methods to detect and resolve similar future errors before they lead to impact.
This is the final update for the event.