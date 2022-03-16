TLS upgrade broke Azure DevOps for some users

By on
TLS upgrade broke Azure DevOps for some users

TLS 1.0/1.1 temporarily turned back on.

Microsoft has decided to reverse a security upgrade it applied to its Azure DevOps cloud-based software development and life cycle management system, after it caused problems for users on IPv4 connections.

In January, the company rolled out Transport Layer Security (TLS) 1.2-only access to the service, something which will now be reversed for some users.

The aim was to comply with the Internet Engineering Task Force’s March 2021 to deprecate the obsolete TLS versions that didn’t support current cryptographic algorithms.

The old TLS versions were also subject to protocol downgrade attacks like Poodle.

Microsoft hasn’t explained what issues arose during the upgrade, but in this blog post said that the deprecation of TLS 1.0 and TLS 1.1 cause some “unexpected issues” for IPv4 users.

Azure DevOps Platform product manager Mark Graham wrote that IPv6 endpoints were already enforcing TLS 1.2, so those customers are unaffected.

“We anticipate minimal impacts to our customers as more than 99.5% of connections made to Azure DevOps Services already use TLS 1.2. Clients have TLS 1.2-compatibility issues because of obsolete OS version or if available updates are not applied (applies for all Windows, macOS and Linux) or legacy .NET Framework installation or OS configuration prohibiting certain TLS cipher suites”, Graham’s post stated.

To help customers identify Azure DevOps-facing software that can’t support TLS 1.2, Microsoft will disable TLS 1.0/1.1 for 12 hours on March 22 for https://orgname.visualstudio.com domains; and March 24 for the https://dev.azure.com/orgname domains.

Graham’s post also tells users how to test their TLS support in PowerShell, YAML, or as a pipeline task. 

He warns users that a browser check won’t catch an incompatibility: “Browsers often use crypto libraries (such as OpenSSL) and thus circumvent the classic HTTP/TLS stack that other software uses”.

 

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:
azure devopsencryptionmicrosoftsecuritytlstransport layer security

Sponsored Whitepapers

Don&#8217;t pay the ransom: A three-step guide to ransomware protection
Don’t pay the ransom: A three-step guide to ransomware protection
A Guide to Cyber Security Threat Hunting
A Guide to Cyber Security Threat Hunting
20 ways Automate solves IT and business problems
20 ways Automate solves IT and business problems
Magic Quadrant for Access Management
Magic Quadrant for Access Management
Fortinet Networking and Cybersecurity Adoption Index 2021
Fortinet Networking and Cybersecurity Adoption Index 2021

Events

Most Read Articles

ATO readies massive IT outsourcing reset

ATO readies massive IT outsourcing reset
Tabcorp takes to Google-made Flutter

Tabcorp takes to Google-made Flutter
ANU to go passwordless

ANU to go passwordless
Optus wants gov response to OTTs 'free riding' on telco networks

Optus wants gov response to OTTs 'free riding' on telco networks

Digital Nation

COVER STORY: From cost control to customer fanatics, AI is transforming the contact centre
COVER STORY: From cost control to customer fanatics, AI is transforming the contact centre
Case Study: PlayHQ leverages graph technologies for sports administration
Case Study: PlayHQ leverages graph technologies for sports administration
Metaverse hype will transition into new business models by mid decade: Gartner
Metaverse hype will transition into new business models by mid decade: Gartner
The other &#8216;CTO&#8217;: The emerging role of the chief transformation officer
The other ‘CTO’: The emerging role of the chief transformation officer
As NFTs gain traction, businesses start taking early bets
As NFTs gain traction, businesses start taking early bets

Log In

Email:
Password:
  |  Forgot your password?