Windows support for package download with TLS 1.0/1.1 ends (9/24/2020)

[German]On September 24, 2020, Microsoft will discontinue support for package downloads from packages.microsoft.com over connections encrypted using TLS 1.0/1.1. Here is some information on the subject.

Background to the TLS topic

Transport Layer Security (TLS)

is a hybrid encryption protocol for secure data transmission on the Internet. Historically, different TLS versions from 1.0 over 1.1 up to 1.2 and recently TLS 1.3 have been defined and are in use.

Since encryption in TLS 1.0 and 1.1 is no longer considered secure, the IT industry is gradually trying to switch to TLS 1.2 and/or TLS 1.3 for secure Internet connections.

Postponement of plans due to Corona crisis

Microsoft is also counting on the replacement of TLS 1.0/1.1 (the announcement from 2018 about the discontinuation of TLS 1.0/1.1 in Edge and Internet Explorer can be found here). However, due to the corona virus pandemic, the deactivation of TLS 1.0/1.1, which was planned for the beginning of 2020, was postponed for the time being. I had reported about this in the blog post Microsoft postpone the deactivation of TLS 1.0/1.1.

TLS 1.0/1.1 is switched off

However, Microsoft will now switch off support for TLS 1.0/1.1 in the coming weeks. In Office 365, support for TLS 1.0/1.1 will end on October 15, 2020 – I mentioned this in the blog post Office 365: TLS 1.0/1.1 support ends on Oct. 15, 2020.

On this web site Microsoft has updated the roadmap for further steps to switch off TLS 1.0/1.1 on August 15, 2020. For Internet Explorer and Microsoft Edge Legacy, TLS 1.0 and TLS 1.1 will be disabled by default in spring 2021 at the earliest. However, enterprise administrators can disable TLS 1.0 and TLS 1.1 before that date using Group Policy.

In this Techcommunity post Microsoft notes that TLS support for downloading all packages available for download from packages.microsoft.com will change. Starting September 24, 2020, downloads will only be available using TLS 1.2 connections. Administrators may need to become active and enable TLS 1.2 support in their environments.

TLS-Support in Windows
(TLS-Support in Windows, Source: Microsoft)

The table above lists which Windows versions support which TLS versions. The table can be found in this document which Microsoft has set up to solve TLS 1.0 issues. The colleagues from deskmodder.de have addressed the topic here. Windows 7 and Server 2008 R2 have been upgraded to TLS 1.2 with the update KB3140245 in early 2019.

This entry was posted in Windows and tagged , . Bookmark the permalink.

One Response to Windows support for package download with TLS 1.0/1.1 ends (9/24/2020)

  1. MattR says:

    Just wanted to call out a correction, the heading should read (9/24/2020) not (9/24/2010).

    As always, thanks for great up to date info!

Leave a Reply

Your email address will not be published. Required fields are marked *