Accessibility Skip to content

Poly Systems - Microsoft O365 TLS Version Support

Vulnerability Summary

Microsoft O365 Will Stop Support for TLS 1.0 and 1.1 in October of 2018

From Microsoft: “As of October 31, 2018, Office 365 will no longer support TLS 1.0 and 1.1. This means that Microsoft will not fix new issues that are found in clients, devices, or services that connect to Office 365 by using TLS 1.0 and 1.1.

Note This doesn't mean Office 365 will block TLS 1.0 and 1.1 connections. There is no official date for disabling or removing TLS 1.0 and 1.1 in the TLS service for customer connections. The eventual deprecation date will be determined by customer telemetry and is not yet known. After a decision is made, there will be an announcement six months in advance unless we become aware of a known compromise, in which case we may have to act in less than six months to protect customers who use the services.”

Once Office 365 deprecates support for these protocols, all communications to and from Office 365 servers will need to use TLS 1.2. See the list of Polycom products in the Impact and Risk section below that will no longer connect or be supported.

 

Devices will not register to any Skype for Business server if TLS is updated to TLS 1.2

If upgrading to TLS 1.2 using Skype for Business Servers (on-premises), additional devices listed below will no longer be able to register to Skype for Business or be supported. Compliance requirements such as Payment Card Industry Date Security Standard (PCI-DSS) will require that customers implement a more secure encryption protocol – TLS 1.1 or higher (TLS v1.2 is strongly encouraged) by June 30th 2018 in order to meet the PCI Data Security Standard (PCI DSS) for safeguarding payment data.

Published

Last Update: 3/14/2022
Initial Public Release: 7/5/2018
Advisory ID:  PLYGN18-07

Product Affected
PRODUCTS FIRMWARE FIX
CX500 Phone

N/A

See Workaround
CX600 Phone

N/A

See Workaround
CX700 Phone

N/A

See Workaround
CX3000 Conference Phone

N/A

See Workaround
CX8000 Skype Room System

N/A

See Workaround
Solution

No direct solution.

 

Workaround

If using these products, continue to use them with Skype for Business Server 2015
(on-premises) with out updating to TLS 1.2

Microsoft Links: Deprecating support for TLS 1.0 and 1.1


Poly Links:


Other Links:

 

Contact

Any customer using an affected system who is concerned about this vulnerability within their deployment should contact Poly Technical Support(888) 248-4143, (916) 928-7561, or visit the Poly Support Site.

 

Revision History
VERSION DATE DESCRIPTION
1.0 7/5/2018 Initial Release
1.1 11/9/2018 Updated information based on Microsoft changes
2.0 3/14/2022 Format Changes