Microsoft to deprecate legacy TLS in Exchange Online starting July
Summary
Microsoft will begin deprecating support for legacy TLS (Transport Layer Security) versions in Exchange Online for POP and IMAP email clients starting in July 2026. This move aims to enhance email security by enforcing stronger encryption protocols for data in transit.
IFF Assessment
FRIEND
This is good news for defenders as it moves users towards more secure encryption protocols, reducing the attack surface for man-in-the-middle attacks on email traffic.
Defender Context
This change will require administrators to ensure their email clients and servers are updated to support modern TLS versions before the deadline to avoid service disruption. Defenders should proactively monitor for client compatibility issues and educate users about the upcoming transition.