Monday, July 13, 23:25 p.m.
Home security Microsoft: Delays COLID-19 TLS Disable Protocols Disable

Microsoft: Delays COLID-19 TLS Disable Protocols Disable

Microsoft TLS protocols

Η Microsoft announced yesterday that it will delay the deactivation of unsafe Transport Layer Security (TLS) 1.0 and 1.1 protocols on its web browsers because of the current global situation. Support for disabling by default will probably be in the second half of 2020, most likely by July.

“For the new Microsoft Edge (Chromium-based), TLS 1.0 and 1.1 will not be disabled by default before release Microsoft Edge 84 (currently planned for July 2020), "said Kyle Pflug, head of the Microsoft Edge Developer team.

“For all its supported versions Internet Explorer 11 and Microsoft Edge Legacy (based on EdgeHTML), TLS 1.0 and TLS 1.1 will be disabled by default on September 8, 2020;

The users will be able to restore TLS 1.0 and TLS 1.1 even after shutdown, but Microsoft recommends the switch to new, more secure protocols. The latest versions of TLS have more modern encryption and are widely supported by the modern browsers.

"Retirement" plans of the TLS protocols

Earlier this month, the Mozilla said that support for unsecured TLS will be re-enabled in its latest release Firefox, so that users can have access to government sites that provide information for COVID-19. These sites have not yet been upgraded to newer versions of TLS.

A few days earlier, Mozilla had removed support for TLS 1.0 and TLS 1.1 Firefox 74.0 released on March 10th.

The "retirement" of these unsecured protocols from the list of supported protocols had already been announced by the October 2018, from all major browser manufacturers (Microsoft, Google, Apple, Mozilla).

Microsoft had said then that these protocols would be disabled at some point during the first half of 2020.

Above the 97% of sites, who participated in her research Qualys SSL Labs, support unsecured TLS 1.2 or TLS 1.3 protocols. Therefore, it is important to implement new, more secure protocols to protect this huge number of sites.

According to usage statistics then shared by Microsoft, Google, Apple and Mozilla, the vast majority of users they no longer use these protocols.

On the other hand, the Netcraft reported in early March that unsecured TLS 1.0 and TLS 1.1 protocols are still used on more than 850.000 sites, exposing users to large risk.

“The use of TLS 1.0 in e-commerce sites as a measure of user data protection has been banned by the Payment Card Industry Data Security Standard, as of June 2018, so many sites have already switched to other protocols, ”explained Netcraft.

LEAVE ANSWER

Please enter your comment!
Please enter your name here

Digital Fortress
Digital Fortresshttps://www.secnews.gr
Pursue Your Dreams & Live!

LIVE NEWS

Ryzen 7 1700 vs. Ryzen 3 3300X: 8 cores vs. 4

AMD's favorite classic old generation, Ryzen 7 1700, is being tested and compared to its direct competitor, the 4-core Ryzen 3 ...
00:02:36

Browser War: Safari and Edge threaten Chrome

The new Edge browser, released for Windows 10 Home and now available for download on Mac, is based on Chromium, which ...

PC sales worldwide have increased due to coronavirus

The outbreak of the coronavirus pandemic has affected all areas of our lives. After health and other industries have been hit ...

MIT: They make a robot handle that will be able to distinguish cables!

MIT researchers have developed a robot handle with the ability to handle very thin objects such as ropes and cables, according to a statement.

Fedora 33: Will contain Nano as the default text editor

Have you ever thought, who is your favorite text editor, when we talk about operating systems based on ...

Hacker was selling databases of the Ukrainian government

A Ukrainian hacker has been arrested for selling confidential information collected from Ukrainian government databases. According to a ...
00:02:11

TikTok downloaded 49 million videos that violated the terms of use

TikTok downloaded more than 49 million videos from users around the world in the second half of 2019, according to ...

United Kingdom: Is Huawei's immediate foreclosure "dangerous"?

Philip Jansen, CEO of the British telecommunications company "BT", stated that any government move demands the immediate exclusion of the Huawei kit from ...

Dark Mode comes in Google Docs, Sheets and Slides for Android

Do you spend a lot of time using Google Docs, Sheets or Slides on your Android phone or tablet? We have good news for you ...

Hackers seek to exploit vulnerabilities in Citrix ADC

Last week, Citrix released fixes for a total of 11 vulnerabilities in some of its most popular products, in which ...