A significant issue within Microsoft’s anti-spam filtering service has been causing disruptions for users of Exchange Online and Microsoft Teams. This problem, identified under Microsoft advisory MO1148487, has led to difficulties in accessing certain URLs, thereby affecting organizational workflows.
Root Cause of the Issue
Microsoft has pinpointed the problem to an anti-spam detection mechanism that erroneously flags specific URLs as malicious. Notably, URLs embedded within other URLs have been incorrectly identified as threats. Consequently, users have faced challenges opening hyperlinks shared via Exchange Online emails or Microsoft Teams chats.
Impact on Users and Administrators
Beyond the inability to access certain links, administrators have reported receiving false alerts titled A potentially malicious URL click was detected involving one user. Microsoft has confirmed that these flagged URLs are safe and that the warnings are incorrect. Additionally, some legitimate email messages have been unnecessarily quarantined, further disrupting business communications reliant on Exchange and Teams.
This situation has caused confusion within organizations, as security alerts typically trigger incident response protocols. While Microsoft has managed to mitigate the majority of these issues, some users continue to experience residual problems as the company refines its anti-spam service.
Microsoft’s Response and Ongoing Efforts
In an update on September 9, 2025, at 08:25 AM UTC, Microsoft announced the identification of a new subset of affected URLs and is actively working to address them alongside any remaining impacts from the initial issue. Engineers are conducting a thorough root cause analysis to prevent future occurrences.
Microsoft stated: We’re confident that a majority of the impact has been resolved, and we’re actively addressing lingering issues. Our teams are continuing to examine the anti-spam detection systems that incorrectly flagged these URLs.
The next official progress update is scheduled for 6:00 PM UTC on September 9, 2025. Until then, customers may experience intermittent issues when opening links in affected messages.
Guidance for Administrators and Users
Microsoft advises administrators and users to monitor the Service Health Dashboard for updates. Organizations are urged not to treat the current alerts as genuine threats, as the flagged URLs have been confirmed to be safe.
Historical Context and Broader Implications
This incident is not isolated. In May 2025, Microsoft resolved an issue where a machine learning model mistakenly flagged emails from Gmail accounts as spam in Exchange Online. The problem began on April 25, 2025, causing legitimate Gmail messages to be automatically moved to junk folders. Microsoft identified that their machine learning model, designed to protect Exchange Online from risky emails, was incorrectly classifying legitimate messages due to similarities with spam attacks. The company reverted the faulty model to a previous version to mitigate the issue. ([bleepingcomputer.com](https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-exchange-online-bug-flagging-gmail-emails-as-spam/?utm_source=openai))
In March 2023, a significant change in the default anti-spam protection policy settings in Exchange Online led to numerous legitimate emails being filtered as spam. Administrators reported that emails, particularly those from scan-to-email devices, were suddenly being marked as spam. Microsoft’s engineering team addressed the issue by updating their detection systems. ([techcommunity.microsoft.com](https://techcommunity.microsoft.com/t5/microsoft-365/anti-spam-protection-policy-scan2mail-false-positives/td-p/3772912?utm_source=openai))
These recurring incidents highlight the challenges associated with automated email filtering systems. While machine learning models enhance the detection of malicious content, they can also lead to false positives, disrupting legitimate communications. Organizations are encouraged to implement additional security measures and maintain vigilance to mitigate the impact of such issues.
