Microsoft has set an official removal date for the insecure Transport Layer Security (TLS) 1.0 and 1.1 protocols in Office 365 from October 15, 2020, after temporarily suspending the removal of commercial applications due to COVID-19.
"As companies begin to reopen and countries reopen, we have set a removal date for TLS 1.0 and 1.1 in Office 365 by October 15, 2020," the company told Microsoft Management Center on Friday.
"As previously communicated [..], we transfer all our internet services to Transport Layer Security (TLS) 1.2+ to provide the best encryption in the category and to ensure that our service is more secure than default. ”
The deactivation of TLS 1.0 / 1.1 was first announced in December 2017 and, as Microsoft explained, the result of this change for the final users is expected to be minimal.
The IT admins can use the official KB4057306 documentation to prepare for TLS 1.2 in Office 365 and Office 365 GCC.
Currently, users of the following clients are advised to update to the latest publications, as it is known that they can not use TLS 1.2:
• Android 4.3 and older versions
• Firefox version 5.0 and older versions
• Internet Explorer 8-10 on Windows 7 and earlier
• Internet Explorer 10 on Windows Phone 8
• Safari 6.0.4 / OS X10.8.4 and earlier
Microsoft has already begun removing unsafe TLS for any Office 365-related clients, devices, or services through TLS 1.0 or 1.1 DoD or GCC High as of January 2020.
Both protocols will also not be supported for commercial Office 365 clients with company suggest "all client-server and browser-server combinations use TLS 1.2 (or later) to maintain connection to Office 365 services."