Fix: Why Microsoft Is Incorrectly Blocking Your Links in Teams and Outlook
Have you tried to click a link in a Microsoft Teams chat or an Outlook email recently, only to be met with an alarming security warning? You’re not alone. A widespread issue is currently causing Microsoft 365 services to incorrectly block legitimate, safe links, disrupting communication and workflows for businesses and individuals alike.
This is not a new phishing attack or a sign that your system is compromised. Instead, the problem stems from a misfiring anti-spam feature within Microsoft’s own security suite. Here’s a breakdown of what’s happening and what you can do about it.
The Problem: Safe Links Are Being Flagged as Malicious
Users are reporting that when they click on a standard, safe URL sent through Teams or Exchange Online (Outlook), they are redirected and blocked by a message stating, “This website has been classified as malicious” or that the link has been blocked for their organization’s protection.
This is happening even with well-known, trusted domains and internal company links, leading to confusion and frustration. The core of the issue lies with how Microsoft’s security services are scanning and processing URLs.
The Cause: A Bug in Microsoft Defender’s Safe Links Feature
The issue stems from a component of Microsoft Defender for Office 365 known as Safe Links. This feature is designed to protect users by proactively scanning URLs in emails and documents. When you click a link, Safe Links first routes you through a Microsoft server to check if the destination is associated with phishing, malware, or other threats.
Normally, this is a valuable security layer. However, a recent update appears to have introduced a bug, causing the Safe Links scanner to generate false positives. It is incorrectly flagging safe URLs, particularly those that involve redirects, as malicious threats. This false alarm is what triggers the blocking page and prevents users from reaching their intended destination.
This is not a targeted attack but rather an internal technical glitch affecting a broad range of Microsoft 365 tenants.
How to Address the Link Blocking Issue
While Microsoft works on a permanent server-side fix, there are immediate steps you can take to mitigate the disruption. The right solution depends on whether you are an end-user or an IT administrator.
For End-Users: A Quick Workaround
If you are confident the link is safe, you can often bypass the Safe Links scanner.
- Instead of clicking the link directly, right-click on it and select “Copy Link” or “Copy Hyperlink.”
- Open a new tab in your web browser.
- Paste the link directly into the address bar and press Enter.
This method often prevents the Safe Links wrapper from activating, allowing you to access the website. Only use this method if you trust the source of the link.
For IT Administrators: A Temporary Fix
For a more comprehensive solution that resolves the issue for your entire organization, administrators can temporarily adjust the Safe Links policy.
Warning: Disabling security features can increase risk. This should be considered a temporary measure until Microsoft confirms the issue is resolved.
- Navigate to the Microsoft Defender portal at
security.microsoft.com. - In the left-hand menu, go to Email & collaboration > Policies & rules.
- Select Threat policies and then click on Safe Links.
- Identify the policy that is affecting your users (often the “Default” or a custom-built one).
- Click on the policy to open its settings and select Edit protection settings.
- Locate the setting that enables Safe Links checks for Teams and Outlook and temporarily disable it.
- Save the policy changes. It may take a few minutes for the new settings to propagate throughout your organization.
Remember to re-enable this policy once Microsoft has officially deployed a permanent solution to maintain your security posture.
Moving Forward
While disruptive, the good news is that this link-blocking issue is not a sign of a real security threat but rather a bug in a protective feature. Microsoft has acknowledged the problem and is actively working on a fix. By using the workarounds above, users and administrators can minimize the impact on productivity while waiting for a permanent resolution.
Source: https://www.bleepingcomputer.com/news/microsoft/microsoft-anti-spam-bug-blocks-links-in-exchange-online-teams/
