Microsoft has announced that it will be disabling the outdated Transport Layer Security (TLS) protocol versions 1.0 and 1.1 in Windows. This decision was made due to security issues found in these older protocols and the fact that internet standards and regulatory bodies have deprecated or disallowed their usage.
The company believes that disabling TLS 1.0 and 1.1 will enhance the overall security of Windows and its users, as well as encourage the adoption of newer versions of the protocols.
Starting in September 2023, Microsoft plans to disable these protocols in Insider builds for Windows 11, followed by disabling them in future Windows OS releases. It is unclear whether this change will be exclusive to Windows 11 or if it will also apply to Windows 10.
Checking for TLS 1.0 and 1.1 Errors on Windows
To determine if any applications rely on TLS 1.0 or 1.1, administrators can check the Windows Event log for event ID 36871. Microsoft has provided a sample error message to assist with this process.
Enabling TLS 1.0 and 1.1 on Windows
If necessary, administrators can re-enable TLS 1.0 and/or 1.1 after Microsoft disables them. This may be required for applications that depend on these protocols. To override the default settings, users need to edit the Windows Registry and navigate to the desired protocol version’s path. There, they can create a DWORD (32-Bit) value named Enabled and set its value to 1.
It is important to note that there are separate paths for Client and Server settings. Microsoft’s support article on TLS settings in the Registry provides more detailed information on enabling these protocols.
Closing Words
For most Windows users, the disabling of TLS 1.0 and 1.1 will not significantly impact their experience. However, administrators should check the event log for any potential issues with specific applications and take appropriate action accordingly.
Image Source: DANIEL CONSTANTE / Shutterstock
