Microsoft has mitigated an Azure outage that lasted more than two hours and took down multiple services for customers across North and Latin America.
The company says the incident started around 18:22 UTC and impacted services that leverage Azure Front Door (AFD), its modern cloud Content Delivery Network (CDN).
“This issue is impacting multiple geographies, mostly in North America and Latin America,” Redmond explained when it first acknowledged the outage on the Azure status page, saying it was caused by what it described as a “configuration change.”
“We have rolled back this change and, from 19:25 UTC, the majority of services are seeing recovery. Many Microsoft services have failed away from AFD, in response to this issue.”
However, customers have also reported experiencing errors connecting to Azure services (including Azure DevOps) in the United Kingdom, with the Azure DevOps status page also tagging the issues as affecting Brazilian users.
Furthermore, while the Azure status page didn’t show any information about services being affected for at least an hour, it also failed to load for many customers during the outage.
Downdetector has received thousands of user reports regarding server connection and login problems, even though the Service Health Status page has shown no Azure issues throughout the outage.
Today’s incident follows a massive Azure outage that impacted many Microsoft 365 and Azure services last Tuesday, causing access issues and degraded performance for customers worldwide.
The company later confirmed that the outage affected the Microsoft 365 admin center, Intune, Entra, Power BI, and Power Platform services, blaming it on an “unexpected usage spike” that “resulted in Azure Front Door (AFD) and Azure Content Delivery Network (CDN) components performing below acceptable thresholds, leading to intermittent errors, timeout, and latency spikes.”
However, Microsoft has since revealed that last week’s nine-hour Azure outage was triggered by a volumetric TCP SYN flood distributed denial-of-service (DDoS) attack that targeted multiple Azure Front Door and CDN sites.
“While the initial trigger event was a Distributed Denial-of-Service (DDoS) attack, which activated our DDoS protection mechanisms, initial investigations suggest that an error in the implementation of our defenses amplified the impact of the attack rather than mitigating it,” Microsoft said.
Earlier this month, Microsoft 365 customers were impacted by another widespread outage caused by what Redmond described at the time as an Azure configuration change.
Other worldwide outages affected Microsoft 365 services in July 2022 following a faulty Enterprise Configuration Service (ECS) deployment and in January 2023 after a Wide Area Network IP change.
In June 2023, the company confirmed that its Azure, Outlook, and OneDrive web portals were taken down in Layer 7 DDoS attacks by a threat actor tracked as Anonymous Sudan (aka Storm-1359), believed to have Russian ties.
