Microsoft today announced that they are disabling support for SSL 3.0 from December to protect customers from the recently reported vulnerability in SSL 3.0.
We wanted to share details around Security Advisory 3009008. This advisory provides guidance related to a vulnerability in Secure Sockets Layer (SSL) 3.0 which could allow information disclosure. This is an industry-wide vulnerability that affects the protocol itself and is not specific to Microsoft’s implementation. To help protect our customers further, we will be disabling fallback to SSL 3.0 in IE, disabling SSL 3.0 by default in IE, and across Microsoft online services, over the coming months.
Starting on December 1, 2014, Office 365 will disabe support for SSL 3.0. This means that from December 1, 2014, all client/browser combinations will need to utilize TLS 1.0 or higher to connect to Office 365 services without issues.
Read more about it here.