![Prevent/Fix: Microsoft Baseline Security Mode has automatically trigger Entra Conditional Access policy creation [MC1246002]](https://mwpro.co.uk/wp-content/uploads/2025/06/graffiti-6656040_1920-1024x683.webp "Prevent/Fix: Microsoft Baseline Security Mode has automatically trigger Entra Conditional Access policy creation [MC1246002] 1")
Problem detected: Microsoft Baseline Security Mode has automatically triggers Entra Conditional Access policy creation
Customers who accessed Baseline Security Mode in Microsoft 365 between November 2025 and early February 2026 might see two draft Microsoft Entra ID Conditional Access policies created in their tenant in a Disabled state. These policies are associated with Baseline Security Mode and might appear as created by the administrator who signed in to the Microsoft Baseline Security Mode page.
[How this will affect your organization:]
This behavior doesn’t represent a security incident and has no effect on tenant security. The policies are in a disabled draft state.
[What you need to do to prepare:]
There’s no action needed to prepare. A fix has rolled out to ensure policies are created only through explicit administrator action. Any unintentionally created policy drafts will be removed as part of addressing this issue.
[Learn more about Microsoft Baseline Security Mode]
Baseline Security Mode: https://learn.microsoft.com/en-us/microsoft-365/baseline-security-mode/baseline-security-mode-settings?view=o365-worldwide
Source: Microsoft
Latest Posts
- Amazon FSx for OpenZFS now supports on-demand data replication across AWS opt-in Regions
- AWS Management Console Private Access now works without internet connectivity
- (Updated) Viva Engage: Email updates for frontline users without an active Exchange mailbox [MC1309743]
- (Updated) Microsoft Purview: Data Security Investigations – analyze files tied to endpoint DLP alerts [MC1258000]
