{"id":88492,"date":"2019-02-11T09:00:49","date_gmt":"2019-02-11T17:00:49","guid":{"rendered":"https:\/\/cloudblogs.microsoft.com\/microsoftsecure\/?p=88492"},"modified":"2023-05-15T23:09:53","modified_gmt":"2023-05-16T06:09:53","slug":"solving-the-tls-1-0-problem","status":"publish","type":"post","link":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/02\/11\/solving-the-tls-1-0-problem\/","title":{"rendered":"Solving the TLS 1.0 problem"},"content":{"rendered":"<p>The use of Transport Layer Security (TLS) encryption for data in transit is a common way to help ensure the confidentiality and integrity of data transmitted between devices, such as a web server and a computer. However, in recent years older versions of the protocol have been shown to have vulnerabilities, and therefore their use should be deprecated.<\/p>\n<p>We have been recommending the use of TLS 1.2 and above for some time. To help provide guidance, we are pleased to announce the release of the <a href=\"https:\/\/docs.microsoft.com\/en-us\/security\/solving-tls1-problem\" target=\"_blank\" rel=\"noopener noreferrer\">Solving the TLS 1.0 Problem, 2nd Edition<\/a> white paper. The goal of this document is to provide the latest recommendations that can help remove technical blockers to disabling TLS 1.0 while at the same time\u00a0increasing visibility into\u00a0the impact of this change to your own customers.\u00a0Completing such investigations can help reduce the\u00a0business\u00a0impact of the next security vulnerability in TLS 1.0.<\/p>\n<p>In the second edition update we added the following:<\/p>\n<ul>\n<li>Updates covering all of the new products and features Microsoft has shipped since the first version of the white paper, including IIS custom logging fields for weak TLS detection, TLS 1.2 backports to legacy OSes, and more.<\/li>\n<li>Introduction of the Office 365 Secure Score Customer Reporting Portal to help Office 365 tenant admins quantify their customers\u2019 own weak TLS usage.<\/li>\n<li>Much more detail on .NET recommendations and best practices to ensure the usage of TLS 1.2+.<\/li>\n<li>Pointers to <a href=\"https:\/\/github.com\/Microsoft\/DevSkim\" target=\"_blank\" rel=\"noopener noreferrer\">DevSkim<\/a> rules for detection and prevention of TLS hardcoding.<\/li>\n<li>Tips for using PowerShell with TLS 1.2.<\/li>\n<\/ul>\n<p>Read the <a href=\"https:\/\/docs.microsoft.com\/en-us\/security\/solving-tls1-problem\" target=\"_blank\" rel=\"noopener noreferrer\">Solving the TLS 1.0 Problem, 2nd Edition<\/a> white paper to learn more.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The \u201cSolving the TLS 1.0 Problem\u201d white paper outlines the latest recommendations that can help remove technical blockers to disabling TLS 1.0<\/p>\n","protected":false},"author":58,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"ep_exclude_from_search":false,"_classifai_error":"","footnotes":""},"content-type":[3662],"topic":[],"products":[],"threat-intelligence":[],"tags":[3825,3822],"coauthors":[1976],"class_list":["post-88492","post","type-post","status-publish","format-standard","hentry","content-type-news","tag-developers","tag-microsoft-security-insights"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v23.7 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Solving the TLS 1.0 problem | Microsoft Security Blog<\/title>\n<meta name=\"description\" content=\"The \u201cSolving the TLS 1.0 Problem\u201d white paper outlines the latest recommendations that can help remove technical blockers to disabling TLS 1.0.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/02\/11\/solving-the-tls-1-0-problem\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Solving the TLS 1.0 problem | Microsoft Security Blog\" \/>\n<meta property=\"og:description\" content=\"The \u201cSolving the TLS 1.0 Problem\u201d white paper outlines the latest recommendations that can help remove technical blockers to disabling TLS 1.0.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/02\/11\/solving-the-tls-1-0-problem\/\" \/>\n<meta property=\"og:site_name\" content=\"Microsoft Security Blog\" \/>\n<meta property=\"article:published_time\" content=\"2019-02-11T17:00:49+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-05-16T06:09:53+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/08\/cropped-microsoft_logo_element.png\" \/>\n\t<meta property=\"og:image:width\" content=\"512\" \/>\n\t<meta property=\"og:image:height\" content=\"512\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Andrew Marshall\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Andrew Marshall\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/02\/11\/solving-the-tls-1-0-problem\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/02\/11\/solving-the-tls-1-0-problem\/\"},\"author\":[{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/author\/andrew-marshall\/\",\"@type\":\"Person\",\"@name\":\"Andrew Marshall\"}],\"headline\":\"Solving the TLS 1.0 problem\",\"datePublished\":\"2019-02-11T17:00:49+00:00\",\"dateModified\":\"2023-05-16T06:09:53+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/02\/11\/solving-the-tls-1-0-problem\/\"},\"wordCount\":260,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#organization\"},\"keywords\":[\"Developers\",\"Microsoft Security Insights\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/02\/11\/solving-the-tls-1-0-problem\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/02\/11\/solving-the-tls-1-0-problem\/\",\"url\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/02\/11\/solving-the-tls-1-0-problem\/\",\"name\":\"Solving the TLS 1.0 problem | Microsoft Security Blog\",\"isPartOf\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#website\"},\"datePublished\":\"2019-02-11T17:00:49+00:00\",\"dateModified\":\"2023-05-16T06:09:53+00:00\",\"description\":\"The \u201cSolving the TLS 1.0 Problem\u201d white paper outlines the latest recommendations that can help remove technical blockers to disabling TLS 1.0.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/02\/11\/solving-the-tls-1-0-problem\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/02\/11\/solving-the-tls-1-0-problem\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/02\/11\/solving-the-tls-1-0-problem\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Solving the TLS 1.0 problem\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#website\",\"url\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/\",\"name\":\"Microsoft Security Blog\",\"description\":\"Expert coverage of cybersecurity topics\",\"publisher\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#organization\",\"name\":\"Microsoft Security Blog\",\"url\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/08\/cropped-cropped-microsoft_logo_element.png\",\"contentUrl\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/08\/cropped-cropped-microsoft_logo_element.png\",\"width\":512,\"height\":512,\"caption\":\"Microsoft Security Blog\"},\"image\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#\/schema\/logo\/image\/\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Solving the TLS 1.0 problem | Microsoft Security Blog","description":"The \u201cSolving the TLS 1.0 Problem\u201d white paper outlines the latest recommendations that can help remove technical blockers to disabling TLS 1.0.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/02\/11\/solving-the-tls-1-0-problem\/","og_locale":"en_US","og_type":"article","og_title":"Solving the TLS 1.0 problem | Microsoft Security Blog","og_description":"The \u201cSolving the TLS 1.0 Problem\u201d white paper outlines the latest recommendations that can help remove technical blockers to disabling TLS 1.0.","og_url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/02\/11\/solving-the-tls-1-0-problem\/","og_site_name":"Microsoft Security Blog","article_published_time":"2019-02-11T17:00:49+00:00","article_modified_time":"2023-05-16T06:09:53+00:00","og_image":[{"width":512,"height":512,"url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/08\/cropped-microsoft_logo_element.png","type":"image\/png"}],"author":"Andrew Marshall","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Andrew Marshall","Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/02\/11\/solving-the-tls-1-0-problem\/#article","isPartOf":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/02\/11\/solving-the-tls-1-0-problem\/"},"author":[{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/author\/andrew-marshall\/","@type":"Person","@name":"Andrew Marshall"}],"headline":"Solving the TLS 1.0 problem","datePublished":"2019-02-11T17:00:49+00:00","dateModified":"2023-05-16T06:09:53+00:00","mainEntityOfPage":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/02\/11\/solving-the-tls-1-0-problem\/"},"wordCount":260,"commentCount":0,"publisher":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#organization"},"keywords":["Developers","Microsoft Security Insights"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/02\/11\/solving-the-tls-1-0-problem\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/02\/11\/solving-the-tls-1-0-problem\/","url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/02\/11\/solving-the-tls-1-0-problem\/","name":"Solving the TLS 1.0 problem | Microsoft Security Blog","isPartOf":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#website"},"datePublished":"2019-02-11T17:00:49+00:00","dateModified":"2023-05-16T06:09:53+00:00","description":"The \u201cSolving the TLS 1.0 Problem\u201d white paper outlines the latest recommendations that can help remove technical blockers to disabling TLS 1.0.","breadcrumb":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/02\/11\/solving-the-tls-1-0-problem\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/02\/11\/solving-the-tls-1-0-problem\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/02\/11\/solving-the-tls-1-0-problem\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/"},{"@type":"ListItem","position":2,"name":"Solving the TLS 1.0 problem"}]},{"@type":"WebSite","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#website","url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/","name":"Microsoft Security Blog","description":"Expert coverage of cybersecurity topics","publisher":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#organization","name":"Microsoft Security Blog","url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/08\/cropped-cropped-microsoft_logo_element.png","contentUrl":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/08\/cropped-cropped-microsoft_logo_element.png","width":512,"height":512,"caption":"Microsoft Security Blog"},"image":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#\/schema\/logo\/image\/"}}]}},"msxcm_display_generated_audio":false,"distributor_meta":false,"distributor_terms":false,"distributor_media":false,"distributor_original_site_name":"Microsoft Security Blog","distributor_original_site_url":"https:\/\/www.microsoft.com\/en-us\/security\/blog","push-errors":false,"_links":{"self":[{"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/posts\/88492"}],"collection":[{"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/users\/58"}],"replies":[{"embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/comments?post=88492"}],"version-history":[{"count":0,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/posts\/88492\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/media?parent=88492"}],"wp:term":[{"taxonomy":"content-type","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/content-type?post=88492"},{"taxonomy":"topic","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/topic?post=88492"},{"taxonomy":"products","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/products?post=88492"},{"taxonomy":"threat-intelligence","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/threat-intelligence?post=88492"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/tags?post=88492"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/coauthors?post=88492"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}