We all know by now that TLSv1.0 is broken we must disable it to protect ourselves from this vulnerability, here are the two registry key's that need to be created to disable TLSv1.0:
Launch RegEdit and navigate to "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\"
In the "Client" & "Server" key and create a DWORD (32 bit) entry and call this "Enabled" and set the value to 0, also create a DWORD (32 bit) entry called "DisabledByDefault" in both "Client" and "Server" Folders/Keys.
"Enabled" - Disables TLSv1.0
"DisabledByDefault" - Advertises that the server can or cannot accept TLSv1.0
No comments:
Post a Comment
Thanks for your input.