Office 365 & TLS 1.2 – What do you need to do?

As you may know Microsoft are going to stop any connectivity to Office 365 from services and devices that are using anything less than TLS 1.2 on October 31st.

I have read the Technet articles other Microsoft supplementary information on this and some very good blogs that go into great detail. I have pulled together the following high level list of technologies that are still widely used and will require remediation before the October 31st deadline.

Here are the headlines of what is affected:

  • Anyone using Microsoft Office, connecting to Office 365 using Windows 7 (Outlook, Skype, Teams, OneDrive, Word etc)
  • Anyone using Internet Explorer 8, 9, or 10 to connect to the Office 365 portal/apps
  • Anyone using Google Chrome < v29 to connect to Office 365 portal/apps
  • Anyone connecting to Skype for Business Online with Lync Phone Edition

 < One of these…

  • Anyone using Exchange Server 2010 on Windows Server 2008 or 2008 R2 operating systems to send encrypted TLS mail to Exchange Online
  • Anyone using operating systems < Windows 7
  • Anyone using Exchange Server < 2010

What can we do ahead of October 31st?

Patch Windows 7 using these registry changes & patches

Enable TLS 1.2 in Internet Explorer 7, 8 or 9

Upgrade Google Chrome to ≥ v29

Replace Lync Phones, most manufacturers have a replacement programme, see this post for a list of those

Patch Exchange Server and the underlying operating system (if required) to support TLS 1.2 communication with Exchange Online. The Exchange team have this blog post to help you with that. (Note: mail flow will still work as it is opportunistic but it will fall back to unencrypted)

Upgrade to Windows 10


Microsoft have put this date back once already so this is likely to remain as the deadline.

365 Guy

Microsoft Infrastructure Consultant @ Novosco. Specialising in Office 365, Azure AD & Exchange Server.

One Comment

Leave a Reply

Your email address will not be published. Required fields are marked *