This article is more than 1 year old

Microsoft breaks geolocation, locking users out of Azure and M365

Customers banished to an IP address in Uzbekistan that Redmond’s cloud did not recognize

Microsoft has found a new and interesting way to break its cloud services: by messing up geolocation services and sending its users to Uzbekistan, which made it impossible for them to log in.

The Beast of Redmond let the world know about the mess with this oblique tweet regarding Microsoft 365:

A kind Reg reader sent more detail: a Microsoft status notice that defined the problem as "a subset of users with geolocation-based conditional access policies experienced sign-in disruptions to Azure services."

The reader's info said the mess was caused by "a recent deployment applied to an infrastructure for regulating user geolocation had inadvertently provided incorrect IP location data."

This resulted in users who had an IP-based conditional access policy experiencing the sign-in issues mentioned above.

Our reader sent us an image of the error message seen by his clients in Darwin, Australia, which explained that Microsoft would not allow access to Teams because the traffic came from Toshkent, Uzbekistan.

Chileans also appear to have been sent to Uzbekistan if this Tweet is any guide:

And so were United Statesians:

Interestingly, the UK's National Health Service, a known Microsoft 365 user, listed the incident in its tech support feed. Hopefully the mess didn't impact services there.

Microsoft's Twitter thread about the incident suggests it was sorted out within about nine hours.

Users disputed that and did not appreciate Microsoft's handling of the situation.

Making matters worse, the IP addresses in question appear to be IPv4. Shame, Microsoft, get thee to IPv6!

Those of you with M365 admin accounts may be able to find a more detailed status report with the identifier "MO531859". If you read it, and it details the precise duration of the outage, please let us know in a comment so that when we next report an M365 outage we can accurately rename the service to reflect its actual uptime. ®

More about


Send us news

Other stories you might like