Microsoft appears to have recently updated its security policy's for multifactor authentication and is now forcing you to "verify" which essentially requires you to add a mobile phone number to your Microsoft account then enter the code that has been sent to you via SMS.
This has been a "feature" for added security for quite a while but just this morning I have had three outlook.com/hotmail.com/live.com email accounts that have been unable to send email until "verified". Ultimately it's good to have better security (after all you wouldn't want them to be careless an expose your personal photos and information out on the net right?). This will reduce the amount of spam out there as well but it does impose a 5 minute interruption on you.
As always keep your wits about you when handling this type of request.
Here are some notifications I have received: