TLS 1.0 and TLS 1.1 will be disabled in Windows: here's what you can do
3 min. read
Updated on
Read our disclosure page to find out how can you help MSPoweruser sustain the editorial team Read more
TLS 1.0 (Transport Layer Security) and TLS 1.1 will be disabled on Windows very soon, the tech giant says in the latest blog posts. The two internet protocols were published in 1999, and 2006 respectively, and they were used to set up an encrypted communication channel between a client and server. These versions have long been surpassed by TLS 1.2 and TLS 1.3.
Even more, over the past several years, TLS 1.0 and TLS 1.1 were no longer used due to a variety of security issues. So with this in mind, TLS 1.0 and TLS 1.1 will be disabled by Microsoft starting with the Windows 11 Insider Preview builds in September 2023 and future Windows OS releases.
But, if you need them, you can still be able to re-enable TLS 1.0 or TLS 1.1 for those of you who need to maintain compatibility.
Guidance for users and IT admins
TLS 1.0 and TLS 1.1 have already been disabled by Microsoft 365 products as well as WinHTTP and WinINet API surfaces. And most newer versions of applications support TLS 1.2 or higher protocol versions.
However, if there are no alternatives available and TLS 1.0 or TLS 1.1 is needed, you will be able to re-enable these protocol versions with a system registry setting:
- Set a (D)TLS or SSL protocol version to the Enabled state.
- Create a DWORD registry value named “Enabled” with an entry value of “1” under the corresponding version-specific subkey.
Examples of TLS 1.0 subkeys are as follows:
HKLM SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0\Client
HKLM SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0\Server
Additionally, Microsoft warns you that re-enabling TLS 1.0 or TLS 1.1 on machines should only be done as a last resort, and as a temporary solution until incompatible applications can be updated or replaced. Support for these legacy TLS versions may be removed completely in the future.
The Redmond-based tech giant has also prepared a list of applications that will suffer from disabling the TLS 1.0 and TLS 1.1 protocols:
- Safari – 5.1.7
- EVault Data Protection – 7.01.6125
- SQL – 2012, 2014, 2016
- SQL Server – 2014, 2016
- Turbo Tax – 2017, 2014, 2011, 2012, 2016, 2015, 2018
- BlueStacks 3 (??3) – 5.10.0.6513
- BlueStacks X – 0.21.0.1063
- Xbox One SmartGlass – 2.2.1702.2004
- Splice – 4.0.35686, 4.2.4
- Driver Support – 10.1.2.41, 10.1.4.20
- K7 Enterprise Security and 4.1.0.116
- DRUKI Gofin – 3.17.63.0
- Project Plan 365 – 23.8.1204.14137
- vWorkspace – 8.6.1
- ARMA 3
- Microsoft Office 2008 Professional – Accounting Express
- LANGuard – 12.7.2022.0406
- Adguard – 6.4.1814.4903, 7.12.41.70.0
- ?????? – 5.2.5.9
- CCB Security Client (??????E????????) – 3.3.8.4
- ArcGIS – 10.3.3400
- ACDSee Photo Studio โ 2018, 2023
- Blio e-Reader – 3.4.0.9728, 3.4.1.9759
You should check out the full blog post here. And let us know your opinion in the comments section below.
User forum
0 messages