Microsoft has acknowledged a growing issue affecting users of the classic Outlook email client when trying to open encrypted emails sent from other organizations. The problem, which is linked to Outlook Message Encryption (OMEv2), prevents many business users from accessing critical messages and is currently under investigation by the company.
According to Microsoft’s official support document, this problem impacts all Office channels where the classic version of Outlook for Windows is in use. When affected users attempt to open an encrypted email that originated from another tenant (or organization), Outlook displays the error message:
“Configuring your computer for Information Rights Management.”
This bug is particularly disruptive for enterprises that regularly exchange encrypted information across organizational boundaries. While Microsoft has not yet confirmed the root cause, it has issued a temporary workaround that administrators can apply to restore access.
Microsoft suggests two possible solutions, with one being more straightforward than the other:
Exclude external users from Conditional Access requirements.
Enable cross-tenant access to trust multi-factor authentication (MFA) claims from other organizations.
The second option—enabling cross-tenant MFA trust—is the recommended and easier solution. It allows encrypted emails sent between different organizations to be opened without errors, ensuring smoother communication across tenants.
Administrators can apply this fix by updating settings in the Microsoft Entra admin center. The steps are as follows:
Open the “Inbound access settings – Default settings” page in the Microsoft Entra admin center.
Select the “Trust settings” option.
Choose “Trust multifactor authentication from Microsoft Entra tenants.”
Once enabled, encrypted emails sent from your tenant to external users will open correctly. However, there’s a limitation: to access encrypted emails sent to you from other tenants, the sending organization must also implement this configuration on their side.
This means that both sender and receiver organizations need to coordinate and apply the same settings for seamless access to OMEv2 encrypted emails.
For more detailed steps, Microsoft has provided a support document on Entra configuration for encrypted content.
While the workaround restores partial functionality, Microsoft’s Outlook and Purview engineering teams are actively investigating the issue to deliver a permanent fix. The company has assured customers that it will provide updates once the root cause is identified and a patch is ready.
This is not the first time Microsoft has faced Outlook-related issues in 2024. In June, the company released a fix for a bug that caused the classic Outlook client to crash when composing new messages or opening existing emails. Later, in August, Microsoft mitigated another issue in Exchange Online that disrupted email access for Outlook mobile users relying on Hybrid Modern Authentication (HMA).
Encrypted email is a cornerstone of enterprise security, particularly for organizations that handle sensitive data such as legal, financial, or healthcare information. Disruptions in encrypted communication can:
Delay important business transactions.
Reduce trust in secure messaging tools.
Create compliance risks for regulated industries.
Increase support overhead for IT teams.
By sharing a temporary workaround, Microsoft aims to help businesses maintain continuity while its teams work on a full solution.
To reduce the impact of this Outlook bug, IT administrators should:
Enable cross-tenant MFA trust as described above.
Communicate with partner organizations to ensure they also apply the workaround.
Monitor Microsoft’s official support channels for updates.
Prepare end users by informing them of the workaround and possible limitations.
Businesses that depend heavily on encrypted communication should treat this fix as an urgent step until Microsoft delivers a permanent patch.
The Outlook encrypted email issue highlights the complexities of cross-tenant communication in modern enterprise environments. While Microsoft has provided a temporary solution through cross-tenant MFA trust, a long-term patch is still pending.
Organizations should apply the workaround immediately, coordinate with external partners, and stay alert for further updates from Microsoft. Given past incidents with Outlook stability and Exchange connectivity, IT teams should be proactive in testing configurations and keeping business communication uninterrupted.
Interesting Article : Cisco Fixes SNMP Vulnerability CVE-2025-20352 Affecting IOS XE and Meraki Switches
Pingback: CVE-2025-41244: VMware Zero-Day Exploited in Real Attacks, Patch Released