Microsoft investigates Office Apps, Teams file access issues
#Regulation

Microsoft investigates Office Apps, Teams file access issues

Security Reporter
3 min read

Microsoft confirms a widespread outage affecting Office for the web and Teams file opening, outlines the likely cross‑service cause, and offers immediate steps for admins and end users while the company works to restore service.

![MO1329446 Teams Office Apps incident](MO1329446 Teams Office Apps incident)

Microsoft announced an ongoing incident that is preventing users of Microsoft Teams and Office for the web from opening files. The problem shows up as the message “Office Online services aren't available right now.” and has been reported across Excel, PowerPoint, Word and other web‑based Office apps.

What happened?

  • The Microsoft 365 Status account posted that some users cannot open files in Teams or Office for the web.
  • An admin‑center incident ticket (MO1329446) lists the affected services and notes a potential cross‑service issue.
  • Earlier today Microsoft also dealt with a separate outage that blocked MFA enrollment and the MySignIn portal, which was traced to a cache‑configuration change that caused high CPU and memory usage in EU data centers.

The combination of these incidents suggests a shared backend component—likely the Office Online rendering farm—experienced a failure after a recent configuration rollout.

Expert context

James Whitaker, Senior Cloud Engineer at Redmond‑Tech Consulting, says: “When you see the same error across multiple Office web apps, it usually points to a problem in the Office Online Server (OOS) tier or the Azure Front Door routing layer. The error message is generic because the service is deliberately failing fast to avoid cascading timeouts.”

Mira Patel, Principal Security Analyst at SecureShift, adds: “Cross‑service incidents are a reminder that the same authentication token and telemetry pipelines are reused across Teams, OneDrive, and Office for the web. A single misconfiguration can therefore surface in many user‑facing products.”

Both experts agree that the root cause is likely a configuration drift in a shared service, not a security breach.

Practical advice for admins

  1. Check the Microsoft 365 admin center
    • Navigate to Health → Service health and locate incident MO1329446 for the latest status.
    • Subscribe to email alerts so you receive updates as Microsoft posts them.
  2. Communicate with end users
    • Post a brief notice in Teams channels or via a company intranet explaining the outage and linking to the official status page.
    • Advise users to avoid repeatedly refreshing the document, which can increase load on the already‑stressed service.
  3. Enable offline workarounds
    • Instruct users to open the file in the desktop version of Office (e.g., Excel Desktop) if they have it installed. The desktop apps connect directly to OneDrive/SharePoint and are not affected by the web rendering issue.
    • For Teams, suggest using the "Open in Desktop" button for shared files, or downloading the file to a local machine for editing.
  4. Monitor telemetry
    • If you have Azure Monitor or Sentinel connected to your tenant, create a query for failed OfficeOnline requests (status code 503) to gauge the scope within your organization.
    • Look for spikes in CPU/Memory metrics on any custom Azure resources that host Office add‑ins or bots.
  5. Prepare for post‑incident review
    • Document the timeline, impact, and any workarounds you deployed.
    • After the service is restored, run a post‑mortem checklist (see Microsoft’s Incident response guide) to capture lessons learned.

What to expect next

Microsoft says it is investigating service telemetry to isolate the root cause. The company has not yet published a regional impact map or a definitive ETA for full restoration. Historically, similar Office Online outages have been resolved within a few hours once the offending configuration is rolled back.

In the meantime, keep an eye on:

  • The Microsoft 365 Service health dashboard for real‑time updates.
  • The Microsoft 365 Twitter feed (@MSFT365Status) for brief status messages.
  • Any follow‑up communications from your internal IT team regarding MFA or cache‑related incidents that may affect authentication flows.

Bottom line

While the outage is inconvenient, it is not a security incident. The key actions are clear communication, leveraging desktop Office apps as a fallback, and monitoring telemetry for any unexpected side effects. Once Microsoft confirms the fix, consider reviewing your change‑management processes for shared services to reduce the risk of similar cross‑service failures in the future.

Comments

Loading comments...
Back to Home