Major Azure Front Door Outage Causing Widespread Service Disruptions Across Microsoft 365, Microsoft Azure, and the Azure Portal (October 29, 2025)

Starting at approximately 16:00 UTC on October 29, 2025, Microsoft Azure began experiencing a significant outage affecting the Azure Front Door (AFD) service. This incident is resulting in latencies, timeouts, and connectivity failures across numerous Microsoft cloud products, including Microsoft 365 services and the Azure Portal.

This article provides an overview of the ongoing outage, the confirmed root cause, its impact on Microsoft services, current remediation steps, and what organizations can do to mitigate risk.

---

What Happened

According to Microsoft’s official incident report, the disruption began when an inadvertent configuration change was deployed to the Azure Front Door platform. The change caused widespread connectivity degradation across multiple Azure regions, impacting not only Azure-hosted workloads but also the front-end delivery layers used by Microsoft 365 and other dependent cloud services.

The issue started propagating around 16:00 UTC and continues to affect several Microsoft services globally, and was resolved as of 2025-10-30 00:05 UTC.

---

Services Impacted

The cascading impact of this outage extends well beyond Azure Front Door itself. Microsoft has confirmed that the following services are experiencing degraded performance or accessibility issues:

• Azure Front Door — connectivity issues, latency, and timeouts.
• Microsoft 365 Admin Center — users may be unable to access or experience severe delays.
• Azure Management Portal — functionality and data loading issues reported.

Additionally, Microsoft notes that admins may see errors when accessing security, compliance, and identity management features across Microsoft 365 and Azure environments.

---

Azure Portal Impact — First-Hand Observation

From direct experience, the Azure Portal is clearly being affected by this incident. While the portal’s interface and main dashboard load, some embedded components fail to render properly. At times, certain data sets load while others fail to retrieve, suggesting unstable or partially degraded connectivity between the portal’s front-end and its regional backend services.

Repeated page refreshes occasionally surface new data, but overall, performance remains unreliable—confirming that the Azure Portal is directly impacted by the same underlying Azure Front Door issue.

---

Microsoft’s Response and Current Status

As of the most recent update at 18:11 UTC, Microsoft has:

• Halted deployment of the problematic configuration.
• Initiated rollout of the “last known good” configuration, expected to take approximately 30 minutes to complete.
• Started rerouting traffic away from affected infrastructure toward healthy nodes to restore service availability.
• Temporarily blocked customer configuration changes during active mitigation to prevent further instability.

For Microsoft 365, engineering teams are also rerouting traffic and reverting impacted infrastructure to a previously healthy state. The next official update is scheduled for 19:30 UTC.

While partial restoration has been observed, Microsoft has not yet provided an estimated time for full mitigation.

---

Scope of Impact

This outage has the potential to affect any customer or service relying on Azure Front Door for global load balancing, content delivery, or secure front-end routing. The degradation is impacting both enterprise customers and Microsoft’s own cloud offerings, including productivity, identity, and management tools.

At this stage, users worldwide may encounter slow responses, incomplete data loads, and intermittent service errorsacross both Microsoft 365 and Azure portals.

---

Recommended Actions for Customers

To minimize disruption, organizations can take the following steps:

1. Implement failover strategies using Azure Traffic Manager to route traffic directly to origin servers where possible.
2. Avoid making configuration changes within Azure or Microsoft 365 until Microsoft confirms the environment is stable.
3. Monitor official service health updates at status.cloud.microsoft for the latest information.
4. Communicate with internal stakeholders to set expectations for degraded service performance during ongoing recovery.

---

The Importance of Infrastructure as Code (IaC) During Configuration Rollbacks

One key takeaway from this outage is the importance of implementing Infrastructure as Code (IaC) practices for managing Azure configurations and deployments. Microsoft’s rollback to a “last known good” configuration for Azure Front Door highlights a common risk in cloud operations: when the platform reverts to a previous state, any recent customer-side configuration changes may be lost or overwritten.

Organizations relying solely on manual configuration through the Azure Portal could find themselves needing to reapply changes that were unintentionally reverted during Microsoft’s mitigation process. This is where IaC tools such as Bicep, Terraform, ARM templates, or Pulumi become invaluable.

By codifying your Azure environment configurations, IaC ensures that your infrastructure state is version-controlled, repeatable, and easily recoverable. In the event of an upstream rollback—like the one currently being performed on Azure Front Door—teams can rapidly redeploy or reapply their configurations with confidence, restoring their intended state without guesswork.

Adopting IaC not only simplifies recovery during outages but also strengthens your organization’s overall resilience and governance posture, ensuring consistent configurations across environments and reducing human error during high-pressure incidents like this one.

---

Timeline

2025-10-30 00:05 UTC – Preliminary Post Incident Review (PIR) – Azure Front Door – Connectivity issues across regions

This is our Preliminary PIR to share what we know so far. After our internal retrospective is completed (generally within 14 days) we will publish a Final PIR with additional details.

What happened?

Between 15:45 UTC on 29 October and 00:05 UTC on 30 October 2025, customers and Microsoft services leveraging Azure Front Door (AFD) may have experienced latencies, timeouts, and errors.

Affected Azure services include, but are not limited to: App Service, Azure Active Directory B2C, Azure Communication Services, Azure Databricks, Azure Healthcare APIs, Azure Maps, Azure Portal, Azure SQL Database, Azure Virtual Desktop, Container Registry, Media Services, Microsoft Copilot for Security, Microsoft Defender External Attack Surface Management, Microsoft Entra ID (Mobility Management Policy Service, Identity & Access Management, and User Management UX), Microsoft Purview, Microsoft Sentinel (Threat Intelligence), and Video Indexer.

Customer configuration changes to AFD remain temporarily blocked. We will notify customers once this block has been lifted. While error rates and latency are back to pre-incident levels, a small number of customers may still be seeing issues and we are still working to mitigate this long tail. Updates will be provided directly via Azure Service Health.

What went wrong and why?

An inadvertent tenant configuration change within Azure Front Door (AFD) triggered a widespread service disruption affecting both Microsoft services and customer applications dependent on AFD for global content delivery. The change introduced an invalid or inconsistent configuration state that caused a significant number of AFD nodes to fail to load properly, leading to increased latencies, timeouts, and connection errors for downstream services.

As unhealthy nodes dropped out of the global pool, traffic distribution across healthy nodes became imbalanced, amplifying the impact and causing intermittent availability even for regions that were partially healthy. We immediately blocked all further configuration changes to prevent additional propagation of the faulty state and began deploying a ‘last known good’ configuration across the global fleet. Recovery required reloading configurations across a large number of nodes and rebalancing traffic gradually to avoid overload conditions as nodes returned to service. This deliberate, phased recovery was necessary to stabilize the system while restoring scale and ensuring no recurrence of the issue.

The trigger was traced to a faulty tenant configuration deployment process. Our protection mechanisms, to validate and block any erroneous deployments, failed due to a software defect which allowed the deployment to bypass safety validations. Safeguards have since been reviewed and additional validation and rollback controls have been immediately implemented to prevent similar issues in the future.

How did we respond?

• 15:45 UTC on 29 October 2025 – Customer impact began.
• 16:04 UTC on 29 October 2025 – Investigation commenced following monitoring alerts being triggered.
• 16:15 UTC on 29 October 2025 – We began the investigation and started to examine configuration changes within AFD.
• 16:18 UTC on 29 October 2025 – Initial communication posted to our public status page.
• 16:20 UTC on 29 October 2025 – Targeted communications to impacted customers sent to Azure Service Health.
• 17:26 UTC on 29 October 2025 – Azure portal failed away from Azure Front Door.
• 17:30 UTC on 29 October 2025 – We blocked all new customer configuration changes to prevent further impact.
• 17:40 UTC on 29 October 2025 – We initiated the deployment of our ‘last known good’ configuration.
• 18:30 UTC on 29 October 2025 – We started to push the fixed configuration globally.
• 18:45 UTC on 29 October 2025 – Manual recovery of nodes commenced while gradual routing of traffic to healthy nodes began after the fixed configuration was pushed globally.
• 23:15 UTC on 29 October 2025 – PowerApps mitigation of dependency, and customers confirm mitigation.
• 00:05 UTC on 30 October 2025 – AFD impact confirmed mitigated for customers.

What happens next?

Our team will be completing an internal retrospective to understand the incident in more detail and will share findings within 14 days. Once we complete our internal retrospective, generally within 14 days, we will publish a final Post Incident Review (PIR) to all impacted customers.

To get notified when that happens, and/or to stay informed about future Azure service issues, make sure that you configure and maintain Azure Service Health alerts – these can trigger emails, SMS, push notifications, webhooks, and more: https://aka.ms/ash-alerts

For more information on Post Incident Reviews, refer to https://aka.ms/AzurePIRs

The impact times above represent the full incident duration, so are not specific to any individual customer. Actual impact to service availability may vary between customers and resources – for guidance on implementing monitoring to understand granular impact: https://aka.ms/AzPIR/Monitoring

Finally, for broader guidance on preparing for cloud incidents, refer to https://aka.ms/incidentreadiness

2025-10-29 21:23 UTC – Users may see issues accessing some Microsoft 365 services and portals

User impact: Users may see issues accessing some Microsoft 365 services and portals.

More info: We’ve edited the Title, User impact, and More info sections of this communication to align with our current understanding of the affected scenarios.

Impacted scenarios include, but may not be limited to the following:

– Access to some Microsoft Entra, Microsoft Power Apps, Microsoft Intune, and Microsoft Defender functions.

– Microsoft Purview Information Protection (MIP), Data Lifecycle Management (DLM), eDiscovery, Microsoft Purview Insider Risk Management (IRM), Communications Compliance, Data Governance, and other related Microsoft Purview features.

– Access to the Exchange admin center (EAC), security.microsoft.com, learn.microsoft.com, and other portals accessed through microsoft.com.

– Issues with add-ins and network connectivity in Outlook.

– Degraded functionality to some workflows within Microsoft Teams, including impact to location data in support of emergency calls. Users may also see transcription failures and issues leveraging Copilot within meetings.

– High latency, timeouts, errors, or inaccessibility of Microsoft Copilot Dashboard, Copilot Analytics Power BI reports, and advanced reporting capabilities.

– Windows 365 users may be unable load the client to discover Cloud PC resources or initiate resource discovery through the end user API.

Current status: We’re closely monitoring affected infrastructure where the impacting change was previously applied to ensure the reversion has taken effect and that all infrastructure is brought back to a healthy state. This is occurring in tandem with our efforts to manually rebalance service traffic across the environment to achieve withstanding recovery. We’re aware that users may continue to see impact as these recovery workstreams are ongoing, and we’ll provide a clearer remediation timeline as soon as possible.

Scope of impact: Any users attempting to access Microsoft 365 services, such as those detailed in the more info section above, may be impacted. This information may be updated as our investigation continues.

Start time: Wednesday, October 29, 2025, 3:49 PM UTC

Preliminary root cause: A problematic configuration change was applied to a portion of Azure infrastructure.

2025-10-29 21:12 UTC – Azure Front Door – Connectivity issues – Observing recovery 

Starting at approximately 16:00 UTC on 29 October 2025, customers and Microsoft services leveraging Azure Front Door (AFD) may experience latencies, timeouts, and errors. We have confirmed that an inadvertent configuration change was the trigger event for this issue.

Affected Azure services include, but are not limited to: App Service, Azure Active Directory B2C, Azure Communication Services, Azure Databricks, Azure Healthcare APIs, Azure Maps, Azure Portal, Azure SQL Database, Container Registry, Media Services, Microsoft Defender External Attack Surface Management, Microsoft Entra ID, Microsoft Purview, Microsoft Sentinel, Video Indexer, and Virtual Desktop.

Current status: We initiated the deployment of our ‘last known good’ configuration, which has now successfully completed. We are currently recovering nodes and re-routing traffic through healthy nodes.

As recovery progresses, some requests may still land on unhealthy nodes, resulting in intermittent failures or reduced availability until more nodes are fully restored. This recovery effort involves reloading configurations and rebalancing traffic across a large volume of nodes to restore full operational scale. The process is gradual by design, ensuring stability and preventing overload as dependent services recover. We expect continued improvement across affected regions. This means we expect recovery to happen by 23:20 UTC on 29 October 2025

Customer configuration changes remain temporarily blocked to prevent new deployments that could interfere with recovery. We will notify customers once this block has been lifted. Customers can failover to origins if they decide to.

Some customers may also have experienced issues accessing the Azure management portal. We have failed the portal away from AFD to mitigate these access issues. Customers should now be able to access the Azure portal directly, and while most portal extensions are functioning as expected, a small number of endpoints (e.g., Marketplace) may still experience intermittent loading problems.

We will provide another update on our progress within two hours, or sooner if warranted. Although we are seeing signs of recovery, customers may also consider implementing existing failover strategies using Azure Traffic Manager to redirect traffic from Azure Front Door to their origin servers as an interim measure. https://learn.microsoft.com/azure/frontdoor/routing-methods

2025-10-29 19:30 UTC – Users may be unable to access the Microsoft 365 admin center and see delays when accessing other Microsoft 365 services

User impact: Users may be unable to access the Microsoft 365 admin center and see delays when accessing other Microsoft 365 services.

More info: Additionally, admins are reporting issues when attempting to access some Microsoft Entra, Microsoft Purview, Microsoft Defender, Microsoft Power Apps and Microsoft Intune functions. Users are also seeing issues with add-ins and network connectivity in Outlook.

Current status: We’ve halted the rollout of the impacting configuration change. We’re continuing our efforts to route service traffic away from the affected infrastructure, where the change was already applied, to recover service availability as quickly as possible. In parallel, we’re working to revert the impacted infrastructure to a previous healthy state.

Scope of impact: Any users attempting to access Microsoft 365 services, such as those detailed in the more info section above, may be impacted. This information may be updated as our investigation continues.

Source: https://status.cloud.microsoft

2025-10-29 16:00 UTC – Azure Front Door – Connectivity issues 

Starting at approximately 16:00 UTC, customers and Microsoft services leveraging Azure Front Door (AFD) may have experienced latencies, timeouts, and errors. We have confirmed that an inadvertent configuration change was the trigger event for this issue.

Current status:

We have initiated the deployment of our last known good configuration, which is expected to complete within 30 minutes. As this deployment progresses, customers should begin to see initial signs of recovery. Once completed, we will begin recovering nodes and routing traffic through these healthy nodes.

Customer configuration changes will remain temporarily blocked while we continue mitigation efforts. We will notify customers once this block has been lifted.

Some customers may also have experienced issues accessing the Azure management portal. We have failed the portal away from AFD to mitigate these access issues. Customers should now be able to access the Azure portal directly, and while most portal extensions are functioning as expected, a small number of endpoints (e.g., Marketplace) may still experience intermittent loading problems.

We do not yet have an ETA for full mitigation, but we will provide another update within 30 minutes, once the deployment has completed.

Customers may also consider implementing failover strategies using Azure Traffic Manager to redirect traffic from Azure Front Door to their origin servers as an interim measure.

Source: https://azure.status.microsoft/en-us/status

Looking Ahead

As Microsoft continues to roll out mitigations and reroute service traffic, customers may begin to see gradual signs of recovery across affected workloads. However, intermittent errors are expected until full restoration is complete.

This incident underscores the critical role of Azure Front Door as a core dependency in Microsoft’s global cloud architecture — and highlights the importance of multi-region redundancy and robust failover strategies for organizations operating in the cloud.

Original Article Source: Major Azure Front Door Outage Causing Widespread Service Disruptions Across Microsoft 365, Microsoft Azure, and the Azure Portal (October 29, 2025) written by Chris Pietschmann (If you're reading this somewhere other than Build5Nines.com, it was republished without permission.)