Shulou(Shulou.com)11/24 Report--

CTOnews.com, January 7, Microsoft announced this week that it will begin to end support for TLS 1.0 CTOnews.com 1.1 for Exchange Online users using Post Office Protocol 3 (POP 3) and Internet Message Access Protocol 4 (IMAP 4) protocols next month.

Microsoft said in the announcement that organizations can continue to use TLS 1.0 Universe 1.1 updates on Exchange Online clients through configuration. However, this configuration change applies only to organizations that "specifically decide to choose a less secure state."

Microsoft explained that starting next month, disabling TLS 1.0 and TLS 1.1 support in Exchange Online for these POP 3 and IMAP 4 clients will be a gradual process:

Starting in February 2023, we began to reject connections that use TLS1.0 for POP3 / IMAP4. The client may have some connection failures when dealing with the connection. Over time, we will increase the percentage of rejected connections, making the connection latency more and more obvious.

The organization will eventually receive an error message informing them that TLS 1.0 and TLS 1.1 are not supported. POP 3 and IMAP 4 clients will prohibit the use of these security protocols after April 2023.

If possible, organizations should switch to the more secure TLS 1.2 security protocol. As early as October 2020, Microsoft disabled TLS 1.0 and TLS 1.1 support for non-government Exchange Online customers who use client protocols other than POP 3 and IMAP 4.

The Exchange Online team keeps customers informed of the various expired or insecure protocols used by the service. Last month, it announced the end of basic authentication support for Exchange Online, a major security improvement that took years and many public warnings that were finally implemented.

CTOnews.com small class: the full name of TLS is the transport layer security protocol. Transport layer security protocol and its predecessor secure socket layer is a kind of security protocol, which aims to provide security and data integrity guarantee for Internet communication. When Netscape launched its first web browser, Netscape Navigator, in 1994, it introduced the HTTPS protocol, which uses SSL for encryption, which is the origin of SSL. IETF standardizes SSL and publishes TLS 1.0 standard document in 1999.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.