This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Announcing the recent Microsoft®︎ security updates and their impact on Sage 300


We have an important update to share with you regarding the recent announcements by Microsoft and how it impacts Sage 300.

Update 1: TLS (Transport Layer Security) 1.3

  • Microsoft® announced the deprecation of Transport Layer Security (TLS) versions 1.0 and 1.1 in Office 365 and Office 365 GCC in January 2020. Microsoft® and Sage recommend that all client-server and browser-server combinations use TLS 1.2 (or a later version) to maintain connection to Office 365 services.
  • This Microsoft® article does give information about how to opt-in to allowing certain customers to continue using TLS 1.0 and 1.1. Sage has not tested this and does not offer support or troubleshooting for it. We recommend you speak to your IT professional before deciding to attempt this method of continuing to use your existing version of Sage 300 as it is a less secure protocol.

Update 2: SMTP (Simple Mail Transfer Protocol) Deprecation of Basic Authentication

  • Microsoft®  has announced the end of support for Basic Authentication (user and password credentials) for Exchange Web Services (EWS), Exchange Active Sync (EAS), Post office Protocol (POP), Internet Message Access Protocol (IMAP), and Remote PowerShell (RPS) in Exchange Online.
  • Going forward, only Modern Authentication will be supported after October 1, 2022.

How these changes impact you?

  • Sage 300 currently supports TLS 1.2. Windows Server 2022, available as of September 2021, has delivered improvements to network security by upgrading HTTPS support to TLS 1.3.
  • Sage 300 has successfully tested running on Windows Server 2022 with TLS 1.3 enabled. Sage is also performing additional tests to ensure compatibility with the most secure configuration of TLS 1.3.
  • The Sage 300 Desktop and Web Screens will be affected as they currently only support Basic Authentication with SMTP. To avoid failures with email delivery, the Sage 300 application will be enhanced to support Modern Authentication prior to the deprecation date.

Please reach out to us if you have any additional questions or concerns.

Best regards,

Sage 300 Team