What is happening? We are making a security modification to Internet Explorer (IE) on academic support computers to enable TLS 1.1 and TLS 1.2, in addition to the current TLS 1.0 and SSL3.0.
When is this happening? Friday October 24 at 5:00 pm
Why is this being done? Versions of IE prior to IE11 are not currently negotiating Transport Layer Security (TLS) 1.1 or 1.2, falling back instead to version 1.0 or SSL 3.0. SSL3.0 can be exploited by the POODLE vulnerability (See: https://blog.mozilla.org/security/2014/10/14/the-poodle-attack-and-the-end-of-ssl-3-0/ )
What is the impact? No user impact is expected. This has been successfully deployed and tested on IST staff machines.
After the upgrade: The new settings can be verified by going into Internet Explorer and selecting “Internet Options/”Advanced” tab/and scrolling to the bottom. You should see “Use SSL3.0”, “Use TLS 1.0” and the new, TLS 1.1 and TLS 1.2 checked. Now IE will start negotiating with secure web servers using TLS 1.2 first, down to SSL3.0.)
Questions/concerns? Please contact the IST Service Desk, email@example.com or ext. 44357.