Microsoft Teams- and calendar invitation links detected as malicious

Incident Report for WithSecure services

Resolved

The issue has been resolved.
Detections may still occur until the cache has expired.
Instructions to clear the cache in WithSecure Elements Endpoint Protection can be found here:
https://community.withsecure.com/en/kb/articles/29354-how-to-troubleshoot-security-cloud

Posted Dec 02, 2025 - 09:41 UTC

We are investigating reports of Microsoft Teams- and calendar invitation links being falsely detected as malicious.

Posted Dec 02, 2025 - 08:12 UTC

This incident affected: WithSecure Cloud Protection for Salesforce (Backend) and WithSecure Elements (Endpoint Protection, Collaboration Protection).