Security Patch Updates


TLS 1.0 is vulnerable to man-in-the-middle attacks, risking the integrity and authentication of data sent between a website and a browser. Disabling TLS 1.0 and lower SSL protocols support on your server is sufficient to mitigate this issue. The PCI DSS (Payment Card Industry Data Security Standard) specifies that TLS 1.0 may no longer be used as of June 30, 2018. It also strongly suggests to disable TLS 1.1. These protocols may be affected by vulnerabilities such as FREAK, POODLE, BEAST, and CRIME.

To learn about TLS/SSL related security best practices, please refer to the Server Security Configuration SureMDM On-premise solutionv1.0 document in the SureMDM on-premise package. 

Note: TLS 1.0 and TLS 1.1 can be disabled from on-premise version 6.49 onwards. For more information, please contact techsupport@42gears.com.