Microsoft Defender EOP
We have been experiencing an issue since last week where we are unable to view the details of quarantined emails. Could you please confirm if this is related to a known backend service issue, or if there are any specific troubleshooting steps we should perform on our end? Any guidance or updates would be greatly appreciated.
Built-in report button is available in Microsoft Outlook across platforms
Outlook and Defender for Office 365 are excited to announce the release of built-in report button in Microsoft Outlook across platforms (web, new Outlook for Windows, classic Outlook for Windows, Outlook for Mac, Outlook for Android, Outlook for iOS, and Outlook for android Lite) for both personal and commercial accounts. You can find the built-in button across Outlook: Outlook on the web. New Outlook for Windows. Outlook for Mac version 16.89 (24090815) or later. Classic Outlook for Windows version Current channel: Version 16.0.17827.15010 or later. Monthly Enterprise Channel: Version 16.0.18025.20000 or later. Semi-Annual Channel (Preview): Release 2502, build 16.0.18526.20024 Semi-Annual Channel: Release 2502, build 16.0.18526.20024 Outlook for iOS version 4.2511 or later and Outlook for Android version 4.2446 or later. Outlook for Android Lite Benefits the built-in report button provides for security admins It works out of the box with no setup required The reporting experience for end user is the same across consumer and commercial accounts The report button is consistent across Outlook clients The report button is front and center on all clients The report button is present on the grid view, reading panel, preview panel, context menu The report button enables the user to select in bulk and report messages at once You can turn on and off the pre and post reporting popups for users in your organization using You can customize the individual pre and post reporting popup by adding text and links in 7 diff languages The report button is present on shared and delegate mailboxes enabling end users to report emails. Now present on outlook for web, new outlook for windows, outlook for mac, outlook for android and outlook for iOS The end user reports made by these clients are routed as per the message reported destination configured in the user reported settings. You can view the user report as soon as they are made on the If you have configured Microsoft only or Microsoft and my reporting mailbox in the user reported settings, the result from Microsoft analysis are available on the result column You can turn off the built-in report button on user reported settings by Selecting non-Microsoft add-in button and providing the address of the reporting mailbox of the 3 rd party add-in, or Deselecting monitor reported messages in outlook Note: The report phish add-in and the report message add-in does not provide support for shared and delegate mailbox. The report phish add-in, the report message add-in, and the built-in report button all read from the same user reported settings and use the same internal reporting API. In a way there are two different doors (entry point) to the same house (the backend). For the moment, the report message and report phish add-in are in maintenance mode to provide enough time for customers to migrate to the built-in button. To learn more, please check out Transition from Report Message or the Report Phishing add-ins - Microsoft Defender for Office 365 | Microsoft Learn Report phishing and suspicious emails in Outlook for admins - Microsoft Defender for Office 365 | Microsoft Learn User reported settings - Microsoft Defender for Office 365 | Microsoft Learn Protect yourself from phishing - Microsoft Support Report phishing - Microsoft Support How do I report phishing or junk email? - Microsoft SupportAll Excel Macro Files Suddenly Flagged as Malware (X97M/Slacker.gen!A) Across M365 Starting April 16
Starting around 8 PM GMT+8 on April 16, 2025, macro-enabled Excel files with extensions such as .xlsm, .xlsb, or .xls began being automatically flagged as malware, specifically identified as X97M/Slacker.gen!A—when opened or edited in SharePoint, OneDrive, or Teams. Before this, the same files were not flagged as malicious, even when opened or edited, and this behavior had remained consistent for several months. This issue affects our entire tenant, with over 800 files being flagged as malware under the name X97M/Slacker.gen!A. These files are located across various locations and have been modified by different users. We are a Cloud-only tenant, and we have not done any configuration changes in Threat Policies for the past few months.
