What we found:
Meraki SDWAN appliance with IPS prevention enabled.
In Security Center, we see this alert:
Our resolution:
Whitelist SNORT Signature 1:60381 (Click "On" to whitelist)
At this point, all of your Office 365 / Internet / Outlook / MS Teams issues should be resolved. Users should be working. The users may need to restart apps or reboot.
Then patch all Microsoft OS's. You can't patch until the rule is Whitelisted.
After everything is patched, enable the SNORT signature 1:60381 (Click "Off" to remove from whitelist):
This has worked for 3 organizations where we implemented this fix.
---UPDATE---
I need to eat a nice plate of crow. While the fix to whitelist the snort rule works 100%, applying the Windows Updates did not resolve the issue. When we turn on the SNORT signature, it breaks most clients again. We thought the Windows Updates fixed it, but it turned out that after some reboots and resets, the applications are still being blocked with the Whitelist disabled. We also confirmed this in Security Center as we still see incrementing hits on the SNORT rule.
So we are leaving the Whitelist ON for now.