This morning, I discovered that two Microsoft Managed Conditional Access policies seem to have disappeared: one for requiring phishing-resistant multifactor authentication for admins and the other for blocking legacy authentication. It looks like the 'Microsoft Managed Policy Manager' service principal name may have deleted them, leading me to think this was a deliberate action by Microsoft. Has anyone else noticed this? Did I miss any notification about these policies being removed?
9 Answers
I set up a new tenancy last week and noticed those policies weren't even there, which seems fishy.
This is a huge problem for us. We have some apps that rely on Conditional Access, and now they have no MFA protection. It's like they broke everything with this change. Really feels like an Easter glitch from Microsoft.
Do you think this has anything to do with the rollout of the Security Copilot agent?
I actually hope this means the end of those Microsoft Managed Policies! I've been wanting to remove them for a while now!
I noticed the same two policies gone, but thankfully, I hadn't assigned them to anyone since Microsoft set them up automatically.
I appreciate that confirmation; it helps to know I'm not the only one.
Yep, this looks like Microsoft doing some house cleaning. We've noticed similar activity across various tenants today. A good takeaway here is to never solely rely on Microsoft-managed policies for your controls. We treat them more like templates and recreate the crucial ones ourselves to prevent gaps like this. It's also wise to check your sign-in logs from the last 24 hours to see if anything slipped through.
Darktrace flagged the change for me last night at 5:37 PM CDT. At least these were default policies and not the custom ones we rely on.
We experienced this too, and it’s insane that they made these changes without any notice whatsoever. I've opened a ticket about it.
I got an alert today that the 'Microsoft Managed Policy Manager' removed some services. Our security system detected the changes, so it seems legit from Microsoft's end.
Thanks for confirming! I opened a support ticket since I have an agreement with them. I'll let you all know if I hear anything back.
We saw this happening across multiple tenants starting yesterday, so it's a widespread issue.
Microsoft truly is the gift that keeps on giving!