A global outage of Microsoft services was started by a Distributed Denial-of-Service (DDoS) attack, the tech giant has revealed.
A blunder in Microsoft’s DDoS security estimates then, at that point, enhanced the effect of the attack as opposed to moderating it, the firm conceded.
The outage went on for about 10 hours, between roughly 11.45 UTC and 19.43 UTC on July 30, 2024.
Customers reported issues with Outlook, Azure, and Minecraft, among other Microsoft platforms, during this time. Additionally affected were the Microsoft cloud systems Intune and Entura.
Various associations have purportedly been impacted, including banks, courts and utility services.
That’s what Microsoft recognized “a subset of clients might have encountered issues interfacing with a subset of Microsoft services globally.”
Microsoft Azure Outage Caused by “Unexpected Usage Spike” Microsoft said that an “unexpected usage spike” caused Azure Front Door (AFD) and Azure Content Delivery Network (CDN) components to perform below acceptable thresholds, resulting in occasional errors, timeout spikes, and latency spikes.
Microsoft apologized to clients for the issues on its X (previously Twitter) account. Additionally, it promised to publish a preliminary post-incident review (PIR) within approximately seventy-two hours to provide additional information regarding the incident and the response.
Stephen Robinson, a Senior Threat Intelligence Analyst at WithSecure, made the following statement regarding the incident: “Even though this outage only lasted for a brief period of time and only affected a subset of services, the impact was still noticeable to many people.”
“Modern online services are built on stacked layers of dependencies, and in a significant proportion of service stacks you will find Microsoft services,” explained Robinson.
The issues surfaced less than two weeks after a worldwide outage of Windows operating systems was brought on by an error in a software update for the CrowdStrike Falcon product.
Because of the episode, Microsoft executed systems networking configuration changes to support its DDoS protection efforts and performed failovers to alternate networking paths to provide relief.
Microsoft claimed that these initiatives had reduced the majority of the impact by 14.10 UTC. A refreshed relief approach was then carried out across Asia Pacific, Europe and the Americas, with ordinary service levels resumed globally by 19.43 UTC.
The episode was pronounced as moderated at 20.48 UTC.
