I'm still seeing this occur frequently. On a tenant with approximately 60 Windows 10 devices, we are seeing 1 to 2 per day fail with this error.
The only current resolution is to exempt the device from the compliance policy, wait 24 hours, then remove the exemption. This seems to reset the evaluation of the policy and it then works (however, it seems it's likely to reoccur; often the same device errors again within a week).
This is a massive issue, as users are locked out of all services when a device errors and it takes a couple of hours for the workaround to kick in.
I'm seeing this get worse. Many devices falling out of compliance for Windows Firewall, Anti-virus, Code Integrity and/or Secure Boot - or any combination of those. All are OK on the machine itself, they just report as non-compliant.
Just this week about 20% of an entire estate of machines decided to fall out of compliance on Secure Boot and Code Integrity for no apparent reason. It is causing significant problems as users cannot work when a machine goes non-compliant.
I too am beginning to see this appear a lot in the last week.
It previously occurred in January and a backend fix was implemented, along with improvements in Windows 10 1903 - all was ok for a couple of months. Now I am seeing many devices fail compliance with errors like this, this is over multiple tenants too.
This is critical as Office 365 services support IPv6, so client IPs are also logged in Azure AD with their IPv6 addresses - so this prevents all location-based conditional access policies from working.