Reviews
Microsoft to Deactivate TLS 1.0 and 1.1 Support in Windows
Microsoft recently disclosed its plan to discontinue support for the outdated Transport Layer Security (TLS) protocol versions 1.0 and 1.1 in Windows. The rationale behind this decision stems from identified security vulnerabilities in these antiquated protocols and the progression of internet standards and regulatory guidelines that have deprecated or banned their use.
The company anticipates that ceasing support for TLS 1.0 and 1.1 will fortify the overall security posture of Windows and its user base, encouraging the adoption of more contemporary protocol versions.
Commencing in September 2023, Microsoft intends to deactivate these protocols in Insider builds for Windows 11, eventually extending this action to future releases of Windows OS. The scope of this change remains uncertain, as it is unclear whether it will exclusively affect Windows 11 or also encompass Windows 10.
Verification of TLS 1.0 and 1.1 Issues on Windows
To ascertain if any applications hinge on TLS 1.0 or 1.1, administrators can inspect the Windows Event log for event ID 36871. Microsoft has offered a sample error message to facilitate this diagnostic process.
Reinstating TLS 1.0 and 1.1 on Windows
If necessary, administrators can reinstate TLS 1.0 and/or 1.1 post their deactivation by Microsoft. Such reactivation may be imperative for applications reliant on these protocols. To override the default configurations, users must modify the Windows Registry, locating the designated path for the desired protocol version. Subsequently, they can generate a DWORD (32-Bit) entity named Enabled and assign a value of 1.
It should be noted that separate paths exist for Client and Server settings. For a more comprehensive understanding of enabling these protocols, Microsoft’s support article on TLS configurations in the Registry furnishes elaborate insights.
Concluding Remarks
For the majority of Windows users, the discontinuation of TLS 1.0 and 1.1 support is unlikely to produce a significant impact on their usage. Nevertheless, administrators are advised to monitor the event log for any potential issues associated with particular applications and take necessary measures accordingly.
Image Source: DANIEL CONSTANTE / Shutterstock
