Title: Some users may be unable to access some apps when using Microsoft Defender for Endpoint
User impact: Users may have been unable to access some apps when using Microsoft Defender for Endpoint.
More info: Users that had updated to the Microsoft Defender for Endpoint engine version 1.1.23090.2007 were impacted by this event.
Admins may have also been unable to access the expected level of granular controls.
Final status: We’ve confirmed that our fix’s deployment was successfully restarted and has now completed. The fix is currently available in engine version 1.1.23100.2009, the most recent Microsoft Defender for Endpoint update, and users without an auto-update feature enabled will need to manually update to this version to receive the fix. Users should also check to ensure that their devices have the latest Security Intelligence update of version 1.401.3.0 or higher to allow the fix to work as expected.
Scope of impact: Users that have updated to the 1.1.23090.2007 version of Microsoft Defender for Endpoint may have been impacted by this event.
Start time: Tuesday, September 19, 2023, at 12:00 PM UTC
End time: Friday, November 3, 2023, at 3:52 PM UTC
Root cause: A latent code regression introduced with the 1.1.23090.2007 engine update within the affected infrastructure caused an unexpected parsing behavior to occur in certain circumstances, which resulted in impact.
Next steps:
– We’re investigating how the code regression was missed during our update vetting procedures which will allow us to improve our pre-deployment testing processes and help prevent similar issue in the future.
This is the final update for the event.
