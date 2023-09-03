Microsoft has recently reminded users that the insecure Transport Layer Security (TLS) 1.0 and 1.1 protocols will soon be disabled in future releases of Windows. TLS is a protocol designed to protect users from eavesdropping, tampering, and message forgery when exchanging information over the internet via client/server applications.

The original TLS 1.0 specification was introduced in 1999, followed by the TLS 1.1 successor in 2006. After careful consideration and the development of 28 protocol drafts, the Internet Engineering Task Force (IETF) approved the next major version of the TLS protocol, TLS 1.3, in March 2018.

Microsoft clarified that this change will only affect future new Windows operating systems. Existing Windows versions will not be impacted. Starting in September 2023, Windows 11 Insider Preview builds will have TLS versions 1.0 and 1.1 disabled by default, although users will have the option to re-enable them if compatibility is necessary.

While the transition is expected to have minimal impact on home users, enterprise administrators are advised to conduct tests to identify any affected applications and update or replace them accordingly. Applications that encounter issues or fail after the outdated TLS versions are disabled will be tagged using Event 36871 in the Windows Event Log.

It’s worth noting that Microsoft has warned that support for these TLS versions may eventually be completely removed. The company aims to move away from outdated traffic encryption protocols and align with industry efforts to phase out insecure TLS protocols.

In collaboration with other tech giants, including Google, Apple, and Mozilla, Microsoft announced plans in October 2018 to start phasing out insecure TLS protocols. By August 2020, Microsoft had enabled TLS 1.3 by default in Windows 10 Insider builds. The National Security Agency (NSA) has also provided guidance on identifying and replacing outdated TLS protocol versions and configurations with more secure alternatives.

Obsolete TLS configurations pose a risk, as attackers can exploit them to gain access to sensitive data through techniques such as passive decryption and man-in-the-middle attacks. Microsoft’s move to disable insecure TLS 1.0 and 1.1 protocols aims to enhance security and protect users from potential vulnerabilities.

