Editing Transport Layer Security (section)

===Web browsers===
{{citations needed|1=section|date=April 2025}}
{{Further|topic=TLS/SSL support in web browsers|Version history for TLS/SSL support in web browsers|Comparison of web browsers}}
{{As of|2025|03}}, the latest versions of all major web browsers support TLS 1.2 and 1.3 and have them enabled by default, with the exception of [[Internet_Explorer_11|IE 11]]. TLS 1.0 and 1.1 are disabled by default on the latest versions of all major browsers.

Mitigations against known attacks are not enough yet:
*Mitigations against [[#POODLE attack|POODLE attack]]: some browsers already prevent fallback to SSL 3.0; however, this mitigation needs to be supported by not only clients but also servers. Disabling SSL 3.0 itself, implementation of "anti-POODLE record splitting", or denying CBC ciphers in SSL 3.0 is required.
**Google Chrome: complete (TLS_FALLBACK_SCSV is implemented since version 33, fallback to SSL 3.0 is disabled since version 39, SSL 3.0 itself is disabled by default since version 40. Support of SSL 3.0 itself was dropped since version 44.)
**Mozilla Firefox: complete (support of SSL 3.0 itself is dropped since [[History of Firefox#Version 38–44|version 39]]. SSL 3.0 itself is disabled by default and fallback to SSL 3.0 are disabled since [[History of Firefox#Version 31–37|version 34]], TLS_FALLBACK_SCSV is implemented since version 35. In ESR, SSL 3.0 itself is disabled by default and TLS_FALLBACK_SCSV is implemented since ESR 31.3.0.)
**Internet Explorer: partial (only in version 11, SSL 3.0 is disabled by default since April 2015. Version 10 and older are still vulnerable against POODLE.)
**[[Opera (web browser)|Opera]]: complete (TLS_FALLBACK_SCSV is implemented since version 20, "anti-POODLE record splitting", which is effective only with client-side implementation, is implemented since version 25, SSL 3.0 itself is disabled by default since version 27. Support of SSL 3.0 itself will be dropped since version 31.)
**Safari: complete (only on OS X 10.8 and later and iOS 8, CBC ciphers during fallback to SSL 3.0 is denied, but this means it will use RC4, which is not recommended as well. Support of SSL 3.0 itself is dropped on OS X 10.11 and later and iOS 9.)
*Mitigation against [[#RC4 attacks|RC4 attacks]]:
**Google Chrome disabled RC4 except as a fallback since version 43. RC4 is disabled since Chrome 48.
**Firefox disabled RC4 except as a fallback since version 36. Firefox 44 disabled RC4 by default.
**Opera disabled RC4 except as a fallback since version 30. RC4 is disabled since Opera 35.
**Internet Explorer for [[Windows 7]]/Server 2008 R2 and for [[Windows 8]]/Server 2012 have set the priority of RC4 to lowest and can also disable RC4 except as a fallback through registry settings. Internet Explorer 11 Mobile 11 for [[Windows Phone 8.1]] disable RC4 except as a fallback if no other enabled algorithm works. Edge [Legacy] and IE 11 disable RC4 completely in August 2016.
*Mitigation against [[#FREAK|FREAK attack]]:
**The Android Browser included with [[Android Ice Cream Sandwich|Android 4.0]] and older is still vulnerable to the FREAK attack.
**Internet Explorer 11 Mobile is still vulnerable to the FREAK attack.
**Google Chrome, Internet Explorer (desktop), Safari (desktop & mobile), and Opera (mobile) have FREAK mitigations in place.
**Mozilla Firefox on all platforms and Google Chrome on Windows were not affected by FREAK.