Microsoft to Block Legacy TLS Connections for Exchange Online in July 2026

Severity: Medium (Score: 42.9)

Sources: knowledge.workspace.google.com, Theregister, Bleepingcomputer, Scworld

Summary

Microsoft has announced plans to deprecate support for legacy TLS versions (TLS 1.0 and TLS 1.1) for POP and IMAP connections to Exchange Online, starting in July 2026. This change will require all connections to use TLS 1.2 or later, impacting users of older email clients and devices that do not support these newer protocols. Microsoft expects minimal disruption as most users already utilize modern TLS versions. However, users who have opted into legacy endpoints may face connection failures. The move aligns with broader industry efforts to enhance internet security by retiring outdated encryption protocols. Organizations are advised to ensure their email clients are updated to avoid potential issues. This deprecation follows years of warnings from Microsoft about the risks associated with legacy TLS versions. Key Points: • Microsoft will block TLS 1.0 and 1.1 for Exchange Online POP and IMAP connections starting July 2026. • Users must ensure their email clients support TLS 1.2 or later to avoid connection issues. • The change is part of a broader industry trend to enhance security by retiring outdated encryption protocols.

Key Entities

• Exchange Online (platform)
• Google Admin Console (platform)
• Google Workspace (platform)
• Gmail (tool)