Microsoft will finally retire aging TLS 1.0 and 1.1 protocols
Office 365 will no longer support these legacy TLS protocols
When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.
Microsofthas revealed that it will enforce the deprecation of the legacy Transport Layer Security (TLS) web protocols TLS 1.0 and 1.1 in Office 365 on October 15 of this year.
Although the software giant’s TLS 1.0 implementation does not have any known security vulnerabilities, the company has decided to discontinue support for the aging protocol due to the potential for future protocol downgrade attacks and other possible TLS vulnerabilities.
Originally Microsoft and other browser vendors had planned to disable TLS 1.0 and 1.1 earlier this year. However, these plans were put on hold once the pandemic began. In a recently updateddocumentthough, Microsoft announced the new enforcement date, saying:
“We temporarily halted deprecation enforcement of TLS 1.0 and 1.1 for commercial customers due to covid-19, but as supply chains have adjusted and certain countries open back up, we are resetting the TLS enforcement to start Oct 15, 2020.”
TLS 1.0 and 1.1
The plan to retire TLS 1.0 and 1.1 in the beginning of 2020 was first announced back in 2018. To prepare for this, Microsoft and other browser makers urged customers to adopt TLS 1.2 instead.GoogleChrome, Mozilla Firefox, Microsoft Edge andAppleSafariwere even planning to show error messages from March or April on sites that still used TLS 1.0 and 1.1.
In order to ensure that people could still access government sites during lockdowns, Mozilla temporarily re-enabled support for TLS 1.0 and 1.1 in March. Microsoft and Google then decided to defer disabling the aging TLS protocols until the release ofMicrosoft Edge 84andChrome 84.
The updated versions of both browsers have now been released which is why Microsoft now believes it is time to enforce the deprecation of these legacy TLS protocols inOffice 365.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
The software giant expects the effect of the change to be “minimal” since the deprecation of TLS 1.0 and 1.1 has been known about since 2017.
ViaZDNet
After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home.
7 myths about email security everyone should stop believing
Best Usenet client of 2024
England vs Australia live stream: how to watch 2024 rugby union Autumn International online from anywhere
