Version history for TLS/SSL support in web browsers

Version history for TLS/SSL support in web browsers tracks the implementation of Transport Layer Security protocol versions in major web browsers.

More information Browser or OS API, Platforms ...

TLS/SSL support history of web browsers
Browser or OS API	Version		Platforms	SSL protocols		TLS protocols				Certificate support			Vulnerability^{[n 1]}						Protocol selection by user^{[n 2]}
Browser or OS API	Version		Platforms	SSL 2.0 (insecure)	SSL 3.0 (insecure)	TLS 1.0 (deprecated)	TLS 1.1 (deprecated)	TLS 1.2	TLS 1.3	EV^{[n 3]}^[1]	SHA-2^[2]	ECDSA^[3]	BEAST^{[n 4]}	CRIME^{[n 5]}	POODLE (SSLv3)^{[n 6]}	RC4^{[n 7]}	FREAK^[4]^[5]	Logjam	Protocol selection by user^{[n 2]}
Google Chrome (Chrome for Android)^{[n 8]}^{[n 9]}	1–9		Windows (10+) macOS (11+) Linux Android (8.0+) iOS (16+) ChromeOS	Disabled by default	Yes	Yes	No	No	No	Yes (only desktop)	Requires SHA-2 compatible OS^[2]	Needs ECC compatible OS^[3]	Not affected^[10]	Vulnerable (HTTPS)	Vulnerable	Vulnerable	Vulnerable (except Windows)	Vulnerable	Yes^{[n 10]}
	10–20			No^[11]	Yes	Yes	No	No	No	Yes (only desktop)	Requires SHA-2 compatible OS^[2]	Needs ECC compatible OS^[3]	Not affected	Vulnerable (HTTPS/SPDY)	Vulnerable	Vulnerable	Vulnerable (except Windows)	Vulnerable	Yes^{[n 10]}
	21			No	Yes	Yes	No	No	No	Yes (only desktop)	Requires SHA-2 compatible OS^[2]	Needs ECC compatible OS^[3]	Not affected	Mitigated^[12]	Vulnerable	Vulnerable	Vulnerable (except Windows)	Vulnerable	Yes^{[n 10]}
	22–29			No	Yes	Yes	Yes^[13]	No^[13]^[14]^[15]^[16]	No	Yes (only desktop)	Requires SHA-2 compatible OS^[2]	Needs ECC compatible OS^[3]	Not affected	Mitigated	Vulnerable	Vulnerable	Vulnerable (except Windows)	Vulnerable	Temporary^{[n 11]}
	30–32			No	Yes	Yes	Yes	Yes^[14]^[15]^[16]	No	Yes (only desktop)	Requires SHA-2 compatible OS^[2]	Needs ECC compatible OS^[3]	Not affected	Mitigated	Vulnerable	Vulnerable	Vulnerable (except Windows)	Vulnerable	Temporary^{[n 11]}
	33–37			No	Yes	Yes	Yes	Yes	No	Yes (only desktop)	Requires SHA-2 compatible OS^[2]	Needs ECC compatible OS^[3]	Not affected	Mitigated	Partly mitigated^{[n 12]}	Lowest priority^[19]^[20]^[21]	Vulnerable (except Windows)	Vulnerable	Temporary^{[n 11]}
	38, 39			No	Yes	Yes	Yes	Yes	No	Yes (only desktop)	Yes	Needs ECC compatible OS^[3]	Not affected	Mitigated	Partly mitigated	Lowest priority	Vulnerable (except Windows)	Vulnerable	Temporary^{[n 11]}
	40			No	Disabled by default^[18]^[22]	Yes	Yes	Yes	No	Yes (only desktop)	Yes	Needs ECC compatible OS^[3]	Not affected	Mitigated	Mitigated^{[n 13]}	Lowest priority	Vulnerable (except Windows)	Vulnerable	Yes^{[n 14]}
	41, 42			No	Disabled by default	Yes	Yes	Yes	No	Yes (only desktop)	Yes	Needs ECC compatible OS^[3]	Not affected	Mitigated	Mitigated	Lowest priority	Mitigated	Vulnerable	Yes^{[n 14]}
	43			No	Disabled by default	Yes	Yes	Yes	No	Yes (only desktop)	Yes	Needs ECC compatible OS^[3]	Not affected	Mitigated	Mitigated	Only as fallback^{[n 15]}^[23]	Mitigated	Vulnerable	Yes^{[n 14]}
	44–47			No	No^[24]	Yes	Yes	Yes	No	Yes (only desktop)	Yes	Needs ECC compatible OS^[3]	Not affected	Mitigated	Not affected	Only as fallback^{[n 15]}	Mitigated	Mitigated^[25]	Temporary^{[n 11]}
	48, 49			No	No	Yes	Yes	Yes	No	Yes (only desktop)	Yes	Needs ECC compatible OS^[3]	Not affected	Mitigated	Not affected	Disabled by default^{[n 16]}^[26]^[27]	Mitigated	Mitigated	Temporary^{[n 11]}
	50–53			No	No	Yes	Yes	Yes	No	Yes (only desktop)	Yes	Yes	Not affected	Mitigated	Not affected	Disabled by default^{[n 16]}^[26]^[27]	Mitigated	Mitigated	Temporary^{[n 11]}
	54–66			No	No	Yes	Yes	Yes	Disabled by default (draft version)	Yes (only desktop)	Yes	Yes	Not affected	Mitigated	Not affected	Disabled by default^{[n 16]}^[26]^[27]	Mitigated	Mitigated	Temporary^{[n 11]}
	67–69			No	No	Yes	Yes	Yes	Yes (draft version)	Yes (only desktop)	Yes	Yes	Not affected	Mitigated	Not affected	Disabled by default^{[n 16]}^[26]^[27]	Mitigated	Mitigated	Temporary^{[n 11]}
	70–83			No	No	Yes	Yes	Yes	Yes	Yes (only desktop)	Yes	Yes	Not affected	Mitigated	Not affected	Disabled by default^{[n 16]}^[26]^[27]	Mitigated	Mitigated	Temporary^{[n 11]}
	84–90			No	No	Warn by default	Warn by default	Yes	Yes	Yes (only desktop)	Yes	Yes	Not affected	Mitigated	Not affected	Disabled by default^{[n 16]}^[26]^[27]	Mitigated	Mitigated	Temporary^{[n 11]}
	91–135			No	No	No^[28]	No^[28]	Yes	Yes	Yes (only desktop)	Yes	Yes	Not affected	Mitigated	Not affected	Disabled by default^{[n 16]}^[26]^[27]	Mitigated	Mitigated	Temporary^{[n 11]}
	ESC 136	136		No	No	No^[28]	No^[28]	Yes	Yes	Yes (only desktop)	Yes	Yes	Not affected	Mitigated	Not affected	Disabled by default^{[n 16]}^[26]^[27]	Mitigated	Mitigated	Temporary^{[n 11]}
Browser or OS API	Version		Platforms	SSL 2.0 (insecure)	SSL 3.0 (insecure)	TLS 1.0 (deprecated)	TLS 1.1 (deprecated)	TLS 1.2	TLS 1.3	EV certificate	SHA-2 certificate	ECDSA certificate	BEAST	CRIME	POODLE (SSLv3)	RC4	FREAK	Logjam	Protocol selection by user
Microsoft Edge (Chromium-based) OS-independent	79–83		Windows (10+) macOS (11+) Linux Android (8.0+) iOS (16+)	No	No	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Mitigated	Not affected	Not affected	Disabled by default	Mitigated	Mitigated	Yes^{[n 10]}
	84–90			No	No	Warn by default	Warn by default	Yes	Yes	Yes	Yes	Yes	Mitigated	Not affected	Not affected	Disabled by default	Mitigated	Mitigated	Yes^{[n 10]}
	91-135			No	No	No^[29]	No^[29]	Yes	Yes	Yes	Yes	Yes	Mitigated	Not affected	Not affected	Disabled by default	Mitigated	Mitigated	Yes^{[n 10]}
	ESC 136	136		No	No	No^[29]	No^[29]	Yes	Yes	Yes	Yes	Yes	Mitigated	Not affected	Not affected	Disabled by default	Mitigated	Mitigated	Yes^{[n 10]}
Browser or OS API	Version		Platforms	SSL 2.0 (insecure)	SSL 3.0 (insecure)	TLS 1.0 (deprecated)	TLS 1.1 (deprecated)	TLS 1.2	TLS 1.3	EV certificate	SHA-2 certificate	ECDSA certificate	BEAST	CRIME	POODLE (SSLv3)	RC4	FREAK	Logjam	Protocol selection by user
Mozilla Firefox (Firefox for mobile)^{[n 17]}	1.0, 1.5		Windows (10+) macOS (10.15+) Linux Android (5.0+) iOS (15+) ~~Firefox OS~~ ~~Maemo~~ ESR 115 only for: Windows (7–8.1) macOS (10.12–10.14) ESR 128+ only for: Windows (10+) macOS (10.15+) Linux	Yes^[30]	Yes^[30]	Yes^[30]	No	No	No	No	Yes^[2]	No	Not affected^[31]	Not affected	Vulnerable	Vulnerable	Not affected	Vulnerable	Yes^{[n 10]}
	2			Disabled by default^[30]^[32]	Yes	Yes	No	No	No	No	Yes	Yes^[3]	Not affected	Not affected	Vulnerable	Vulnerable	Not affected	Vulnerable	Yes^{[n 10]}
	3–7			Disabled by default	Yes	Yes	No	No	No	Yes	Yes	Yes	Not affected	Not affected	Vulnerable	Vulnerable	Not affected	Vulnerable	Yes^{[n 10]}
	8–10 ESR 10			No^[32]	Yes	Yes	No	No	No	Yes	Yes	Yes	Not affected	Not affected	Vulnerable	Vulnerable	Not affected	Vulnerable	Yes^{[n 10]}
	11–14			No	Yes	Yes	No	No	No	Yes	Yes	Yes	Not affected	Vulnerable (SPDY)^[12]	Vulnerable	Vulnerable	Not affected	Vulnerable	Yes^{[n 10]}
	15–22 ESR 17.0–17.0.10			No	Yes	Yes	No	No	No	Yes	Yes	Yes	Not affected	Mitigated	Vulnerable	Vulnerable	Not affected	Vulnerable	Yes^{[n 10]}
	ESR 17.0.11			No	Yes	Yes	No	No	No	Yes	Yes	Yes	Not affected	Mitigated	Vulnerable	Lowest priority^[33]^[34]	Not affected	Vulnerable	Yes^{[n 10]}
	23			No	Yes	Yes	Disabled by default^[35]	No	No	Yes	Yes	Yes	Not affected	Mitigated	Vulnerable	Vulnerable	Not affected	Vulnerable	Yes^{[n 18]}
	24, 25.0.0 ESR 24.0–24.1.0			No	Yes	Yes	Disabled by default	Disabled by default^[36]	No	Yes	Yes	Yes	Not affected	Mitigated	Vulnerable	Vulnerable	Not affected	Vulnerable	Yes^{[n 18]}
	25.0.1, 26 ESR 24.1.1–24.8.1			No	Yes	Yes	Disabled by default	Disabled by default	No	Yes	Yes	Yes	Not affected	Mitigated	Vulnerable	Lowest priority^[33]^[34]	Not affected	Vulnerable	Yes^{[n 18]}
	27–33 ESR 31.0–31.2.0			No	Yes	Yes	Yes^[37]^[38]	Yes^[39]^[38]	No	Yes	Yes	Yes	Not affected	Mitigated	Vulnerable	Lowest priority	Not affected	Vulnerable	Yes^{[n 18]}
	34, 35 ESR 31.3.0–31.7.0			No	Disabled by default^[40]^[41]	Yes	Yes	Yes	No	Yes	Yes	Yes	Not affected	Mitigated	Mitigated^{[n 19]}	Lowest priority	Not affected	Vulnerable	Yes^{[n 18]}
	ESR 31.8.0			No	Disabled by default	Yes	Yes	Yes	No	Yes	Yes	Yes	Not affected	Mitigated	Mitigated	Lowest priority	Not affected	Mitigated^[44]	Yes^{[n 18]}
	36–38 ESR 38.0–38.0.1			No	Disabled by default	Yes	Yes	Yes	No	Yes	Yes	Yes	Not affected	Mitigated	Mitigated	Only as fallback^{[n 15]}^[45]	Not affected	Vulnerable	Yes^{[n 18]}
	ESR 38.1.0–38.8.0			No	Disabled by default	Yes	Yes	Yes	No	Yes	Yes	Yes	Not affected	Mitigated	Mitigated	Only as fallback^{[n 15]}	Not affected	Mitigated^[44]	Yes^{[n 18]}
	39–43			No	No^[46]	Yes	Yes	Yes	No	Yes	Yes	Yes	Not affected	Mitigated	Not affected	Only as fallback^{[n 15]}	Not affected	Mitigated^[44]	Yes^{[n 18]}
	44–48 ESR 45			No	No	Yes	Yes	Yes	No	Yes	Yes	Yes	Not affected	Mitigated	Not affected	Disabled by default^{[n 16]}^[47]^[48]^[49]^[50]	Not affected	Mitigated	Yes^{[n 18]}
	49–59 ESR 52			No	No	Yes	Yes	Yes	Disabled by default (draft version)^[51]	Yes	Yes	Yes	Not affected	Mitigated	Not affected	Disabled by default^{[n 16]}	Not affected	Mitigated	Yes^{[n 18]}
	60–62 ESR 60			No	No	Yes	Yes	Yes	Yes (draft version)	Yes	Yes	Yes	Not affected	Mitigated	Not affected	Disabled by default^{[n 16]}	Not affected	Mitigated	Yes^{[n 18]}
	63–77 ESR 68			No	No	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Not affected	Mitigated	Not affected	Disabled by default^{[n 16]}	Not affected	Mitigated	Yes^{[n 18]}
	78–137 ESR 78–115.22 ESR 128.0–128.9			No	No	Disabled by default^[52]	Disabled by default^[52]	Yes	Yes	Yes	Yes	Yes	Not affected	Mitigated	Not affected	Disabled by default^{[n 16]}	Not affected	Mitigated	Yes^{[n 18]}
	ESR 115.23
	ESR 128.10
	138
Browser or OS API	Version		Platforms	SSL 2.0 (insecure)	SSL 3.0 (insecure)	TLS 1.0 (deprecated)	TLS 1.1 (deprecated)	TLS 1.2	TLS 1.3	EV certificate	SHA-2 certificate	ECDSA certificate	BEAST	CRIME	POODLE (SSLv3)	RC4	FREAK	Logjam	Protocol selection by user
Microsoft Internet Explorer (1–10)^{[n 20]} Windows Schannel	1.x		Windows 3.1, 95, NT,^{[n 21]}^{[n 22]} Mac OS 7, 8	No SSL/TLS support
	2			Yes	No	No	No	No	No	No	No	No	No SSL 3.0 or TLS support			Vulnerable	Vulnerable	Vulnerable	—
	3			Yes	Yes^[55]	No	No	No	No	No	No	No	Vulnerable	Not affected	Vulnerable	Vulnerable	Vulnerable	Vulnerable	?
	4, 5, 6		Windows 3.1, 95, 98, NT, 2000^{[n 21]}^{[n 22]} Mac OS 7.1, 8, X, Solaris, HP-UX	Yes	Yes	Disabled by default^[55]	No	No	No	No	No	No	Vulnerable	Not affected	Vulnerable	Vulnerable	Vulnerable	Vulnerable	Yes^{[n 10]}
	6		Windows XP^{[n 22]}	Yes	Yes	Disabled by default	No	No	No	No	Yes (Since SP3)^{[n 23]}^[56]	No	Mitigated	Not affected	Vulnerable	Vulnerable	Vulnerable	Vulnerable	Yes^{[n 10]}
	7, 8		Windows XP^{[n 22]}	Disabled by default^[57]	Yes	Yes^[57]	No	No	No	Yes	Yes (Since SP3)^{[n 23]}^[56]	No	Mitigated	Not affected	Vulnerable	Vulnerable	Vulnerable	Vulnerable	Yes^{[n 10]}
	6		Server 2003^{[n 22]}	Yes	Yes	Disabled by default	No	No	No	No	Yes (KB938397+KB968730)^{[n 23]}^[56]	No	Mitigated	Not affected	Vulnerable	Vulnerable	Mitigated^[60]	Mitigated^[61]	Yes^{[n 10]}
	7, 8		Server 2003^{[n 22]}	Disabled by default^[57]	Yes	Yes^[57]	No	No	No	Yes	Yes (KB938397+KB968730)^{[n 23]}^[56]	No	Mitigated	Not affected	Vulnerable	Vulnerable	Mitigated^[60]	Mitigated^[61]	Yes^{[n 10]}
	7, 8, 9		Windows Vista	Disabled by default	Yes	Yes	No	No	No	Yes	Yes	Yes^[3]	Mitigated	Not affected	Vulnerable	Vulnerable	Mitigated^[60]	Mitigated^[61]	Yes^{[n 10]}
	7, 8, 9		Server 2008	Disabled by default	Yes	Yes	Disabled by default^[62] (KB4019276)^{[n 24]}	Disabled by default^[62] (KB4019276)^{[n 24]}	No	Yes	Yes	Yes^[3]	Mitigated	Not affected	Vulnerable	Vulnerable	Mitigated^[60]	Mitigated^[61]	Yes^{[n 10]}
	8, 9, 10		7, 8 Server 2008 R2 Server 2012	Disabled by default	Yes	Yes	Disabled by default^{[n 24]}^[64]	Disabled by default^{[n 24]}^[64]	No	Yes	Yes	Yes	Mitigated	Not affected	Vulnerable	Lowest priority^[65]^{[n 25]}	Mitigated^[60]	Mitigated^[61]	Yes^{[n 10]}
Internet Explorer 11^{[n 20]} Windows Schannel	11^{[n 26]}^[67]		7, 8.1 Server 2008 R2 Server 2012^[67] Server 2012 R2	Disabled by default	Disabled by default^{[n 27]}	Disabled by default^{[n 28]}	Disabled by default^{[n 24]}^{[n 28]}	Yes^{[n 24]}^[73]	No	Yes	Yes	Yes	Mitigated	Not affected	Mitigated^{[n 27]}	Disabled by default^{[n 16]}	Mitigated^[60]	Mitigated^[61]	Yes^{[n 10]}
Browser or OS API	Version		Platforms	SSL 2.0 (insecure)	SSL 3.0 (insecure)	TLS 1.0 (deprecated)	TLS 1.1 (deprecated)	TLS 1.2	TLS 1.3	EV certificate	SHA-2 certificate	ECDSA certificate	BEAST	CRIME	POODLE (SSLv3)	RC4	FREAK	Logjam	Protocol selection by user
Microsoft Edge (12–18) (EdgeHTML-based) Client only Internet Explorer 11^{[n 20]} Windows Schannel	11	12–13	Windows 10 1507–1511	Disabled by default	Yes^[63]	Yes	Yes	Yes^{[n 24]}	No	Yes	Yes	Yes	Mitigated	Not affected	Mitigated	Disabled by default^{[n 16]}	Mitigated	Mitigated	Yes^{[n 10]}
	11	14–18 (client only)	Windows 10 1607–2004 Windows Server (SAC) 1709–2004	No^[74]	Disabled by default	Yes	Yes	Yes	No	Yes	Yes	Yes	Mitigated	Not affected	Mitigated	Disabled by default^{[n 16]}	Mitigated	Mitigated	Yes^{[n 10]}
Internet Explorer 11^{[n 20]} Windows Schannel	11^{[n 29]}		Windows 10 20H2–21H2 Windows Server (SAC) 20H2	No	Disabled by default	Disabled by default^{[n 28]}	Disabled by default^{[n 28]}	Yes	No	Yes	Yes	Yes	Mitigated	Not affected	Mitigated	Disabled by default^{[n 16]}	Mitigated	Mitigated	Yes^{[n 10]}
Internet Explorer 11^{[n 20]} Windows Schannel	11^{[n 29]}		Windows 10 22H2	No	Disabled by default	Disabled by default^{[n 28]}	Disabled by default^{[n 28]}	Yes	No	Yes	Yes	Yes	Mitigated	Not affected	Mitigated	Disabled by default^{[n 16]}	Mitigated	Mitigated	Yes^{[n 10]}
Windows Schannel	Windows 11 21H2			No	Disabled by default	Disabled by default^{[n 28]}	Disabled by default^{[n 28]}	Yes	Yes^[63]	Yes	Yes	Yes	Mitigated	Not affected	Mitigated	Disabled by default^{[n 16]}	Mitigated	Mitigated	Yes^{[n 10]}
	Windows 11 22H2 (Home/Pro)			No	Disabled by default	Disabled by default^{[n 28]}	Disabled by default^{[n 28]}	Yes	Yes	Yes	Yes	Yes	Mitigated	Not affected	Mitigated	Disabled by default^{[n 16]}	Mitigated	Mitigated	Yes^{[n 10]}
	Windows 11 22H2 (Ent/Edu)			No	Disabled by default	Disabled by default^{[n 28]}	Disabled by default^{[n 28]}	Yes	Yes	Yes	Yes	Yes	Mitigated	Not affected	Mitigated	Disabled by default^{[n 16]}	Mitigated	Mitigated	Yes^{[n 10]}
	Windows 11 23H2 (Home/Pro)			No	Disabled by default	Disabled by default^{[n 28]}	Disabled by default^{[n 28]}	Yes	Yes	Yes	Yes	Yes	Mitigated	Not affected	Mitigated	Disabled by default^{[n 16]}	Mitigated	Mitigated	Yes^{[n 10]}
	Windows 11 23H2 (Ent/Edu)			No	Disabled by default	Disabled by default^{[n 28]}	Disabled by default^{[n 28]}	Yes	Yes	Yes	Yes	Yes	Mitigated	Not affected	Mitigated	Disabled by default^{[n 16]}	Mitigated	Mitigated	Yes^{[n 10]}
	Windows 11 24H2			No	Disabled by default	Disabled by default^{[n 28]}	Disabled by default^{[n 28]}	Yes	Yes	Yes	Yes	Yes	Mitigated	Not affected	Mitigated	Disabled by default^{[n 16]}	Mitigated	Mitigated	Yes^{[n 10]}
Internet Explorer 11^{[n 20]} LTSB/LTSC Windows Schannel LTSB/LTSC	11		Windows 10 LTSB 2015 (1507)	Disabled by default	Yes^[63]	Disabled by default^{[n 28]}	Disabled by default^{[n 28]}	Yes^{[n 24]}	No	Yes	Yes	Yes	Mitigated	Not affected	Mitigated	Disabled by default^{[n 16]}	Mitigated	Mitigated	Yes^{[n 10]}
			Windows 10 LTSB 2016 (1607)	No^[74]	Disabled by default	Disabled by default^{[n 28]}	Disabled by default^{[n 28]}	Yes	No	Yes	Yes	Yes	Mitigated	Not affected	Mitigated	Disabled by default^{[n 16]}	Mitigated	Mitigated	Yes^{[n 10]}
			Windows Server 2016 (LTSB/1607)	No^[74]	Disabled by default	Disabled by default^{[n 28]}	Disabled by default^{[n 28]}	Yes	No	Yes	Yes	Yes	Mitigated	Not affected	Mitigated	Disabled by default^{[n 16]}	Mitigated	Mitigated	Yes^{[n 10]}
			Windows 10 LTSC 2019 (1809) Windows Server 2019 (LTSC/1809)	No	Disabled by default	Disabled by default^{[n 28]}	Disabled by default^{[n 28]}	Yes	No	Yes	Yes	Yes	Mitigated	Not affected	Mitigated	Disabled by default^{[n 16]}	Mitigated	Mitigated	Yes^{[n 10]}
			Windows 10 LTSC 2021 (21H2)	No	Disabled by default	Disabled by default^{[n 28]}	Disabled by default^{[n 28]}	Yes	No^[63]	Yes	Yes	Yes	Mitigated	Not affected	Mitigated	Disabled by default^{[n 16]}	Mitigated	Mitigated	Yes^{[n 10]}
			Windows Server 2022 (LTSC/21H2)	No	Disabled by default	Disabled by default^{[n 28]}	Disabled by default^{[n 28]}	Yes	Yes	Yes	Yes	Yes	Mitigated	Not affected	Mitigated	Disabled by default^{[n 16]}	Mitigated	Mitigated	Yes^{[n 10]}
Windows Schannel LTSC	Windows 11 LTSC 2024 (24H2)			No	Disabled by default	Disabled by default^{[n 28]}	Disabled by default^{[n 28]}	Yes	Yes	Yes	Yes	Yes	Mitigated	Not affected	Mitigated	Disabled by default^{[n 16]}	Mitigated	Mitigated	Yes^{[n 10]}
Windows Schannel LTSC	Windows Server 2025 (LTSC/24H2)			No	Disabled by default	Disabled by default^{[n 28]}	Disabled by default^{[n 28]}	Yes	Yes	Yes	Yes	Yes	Mitigated	Not affected	Mitigated	Disabled by default^{[n 16]}	Mitigated	Mitigated	Yes^{[n 10]}
Browser or OS API	Version		Platforms	SSL 2.0 (insecure)	SSL 3.0 (insecure)	TLS 1.0 (deprecated)	TLS 1.1 (deprecated)	TLS 1.2	TLS 1.3	EV certificate	SHA-2 certificate	ECDSA certificate	BEAST	CRIME	POODLE (SSLv3)	RC4	FREAK	Logjam	Protocol selection by user
Microsoft Internet Explorer Mobile^{[n 20]}	7–9		Windows Phone 7, 7.5, 7.8	Disabled by default^[57]	Yes	Yes	No^{[citation needed]}	No^{[citation needed]}	No	No^{[citation needed]}	Yes	Yes^[77]	?	Not affected	Vulnerable	Vulnerable	Vulnerable	Vulnerable	Only with 3rd party tools^{[n 30]}
	10		Windows Phone 8	Disabled by default	Yes	Yes	Disabled by default^[79]	Disabled by default^[79]	No	No^{[citation needed]}	Yes	Yes^[80]	Mitigated	Not affected	Vulnerable	Vulnerable	Vulnerable	Vulnerable	Only with 3rd party tools^{[n 30]}
	11		Windows Phone 8.1	Disabled by default	Yes	Yes	Yes^[81]	Yes^[81]	No	No^{[citation needed]}	Yes	Yes	Mitigated	Not affected	Vulnerable	Only as fallback^{[n 15]}^[82]^[83]	Vulnerable	Vulnerable	Only with 3rd party tools^{[n 30]}
Microsoft Edge (13–15) (EdgeHTML-based)^{[n 31]}	13		Windows 10 Mobile 1511	Disabled by default	Disabled by default	Yes	Yes	Yes	No	Yes	Yes	Yes	Mitigated	Not affected	Mitigated	Disabled by default^{[n 16]}	Mitigated	Mitigated	No
Microsoft Edge (13–15) (EdgeHTML-based)^{[n 31]}	14, 15		Windows 10 Mobile 1607–1709	No^[74]	Disabled by default	Yes	Yes	Yes	No	Yes	Yes	Yes	Mitigated	Not affected	Mitigated	Disabled by default^{[n 16]}	Mitigated	Mitigated	No
Browser or OS API	Version		Platforms	SSL 2.0 (insecure)	SSL 3.0 (insecure)	TLS 1.0 (deprecated)	TLS 1.1 (deprecated)	TLS 1.2	TLS 1.3	EV certificate	SHA-2 certificate	ECDSA certificate	BEAST	CRIME	POODLE (SSLv3)	RC4	FREAK	Logjam	Protocol selection by user
Apple Safari^{[n 32]}	1		Mac OS X 10.2, 10.3	No^[88]	Yes	Yes	No	No	No	No	No	No	Vulnerable	Not affected	Vulnerable	Vulnerable	Vulnerable	Vulnerable	No
	2–5		Mac OS X 10.4, 10.5, Win XP	No	Yes	Yes	No	No	No	Yes (Since v3.2)	No	No	Vulnerable	Not affected	Vulnerable	Vulnerable	Vulnerable	Vulnerable	No
	3–5		Vista, Win 7	No	Yes	Yes	No	No	No	Yes (Since v3.2)	No	Yes^[77]	Vulnerable	Not affected	Vulnerable	Vulnerable	Vulnerable	Vulnerable	No
	4–6		Mac OS X 10.6, 10.7	No	Yes	Yes	No	No	No	Yes	Yes^[2]	Yes^[3]	Vulnerable	Not affected	Vulnerable	Vulnerable	Vulnerable	Vulnerable	No
	6		OS X 10.8	No	Yes	Yes	No	No	No	Yes	Yes	Yes^[3]	Mitigated^{[n 33]}	Not affected	Mitigated^{[n 34]}	Vulnerable^{[n 34]}	Mitigated^[94]	Vulnerable	No
	7, 9		OS X 10.9	No	Yes	Yes	Yes^[95]	Yes^[95]	No	Yes	Yes	Yes	Mitigated^[90]	Not affected	Mitigated^{[n 34]}	Vulnerable^{[n 34]}	Mitigated^[94]	Vulnerable	No
	8–10		OS X 10.10	No	Yes	Yes	Yes	Yes	No	Yes	Yes	Yes	Mitigated	Not affected	Mitigated^{[n 34]}	Lowest priority^[96]^{[n 34]}	Mitigated^[94]	Mitigated^[97]	No
	9–11		OS X 10.11	No	No	Yes	Yes	Yes	No	Yes	Yes	Yes	Mitigated	Not affected	Not affected	Lowest priority	Mitigated	Mitigated	No
	10–15		macOS 10.12, 10.13, 10.14, 10.15	No	No	Yes	Yes	Yes	Yes (Since macOS 10.14.4)^[98]	Yes	Yes	Yes	Mitigated	Not affected	Not affected	Disabled by default^{[n 16]}	Mitigated	Mitigated	No
	14–17		macOS 11, 12	No	No	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Mitigated	Not affected	Not affected	Disabled by default^{[n 16]}	Mitigated	Mitigated	No
	16, 17	18	macOS 13	No	No	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Mitigated	Not affected	Not affected	Disabled by default^{[n 16]}	Mitigated	Mitigated	No
	17	18	macOS 14	No	No	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Mitigated	Not affected	Not affected	Disabled by default^{[n 16]}	Mitigated	Mitigated	No
	18		macOS 15	No	No	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Mitigated	Not affected	Not affected	Disabled by default^{[n 16]}	Mitigated	Mitigated	No
Browser or OS API	Version		Platforms	SSL 2.0 (insecure)	SSL 3.0 (insecure)	TLS 1.0 (deprecated)	TLS 1.1 (deprecated)	TLS 1.2	TLS 1.3	EV certificate	SHA-2 certificate	ECDSA certificate	BEAST	CRIME	POODLE (SSLv3)	RC4	FREAK	Logjam	Protocol selection by user
Apple Safari (mobile)^{[n 35]}	3		iPhone OS 1, 2	No^[102]	Yes	Yes	No	No	No	No	No	No	Vulnerable	Not affected	Vulnerable	Vulnerable	Vulnerable	Vulnerable	No
	4, 5		iPhone OS 3, iOS 4	No	Yes	Yes	No	No	No	Yes^[103]	Yes	Yes (Since iOS 4)^[77]	Vulnerable	Not affected	Vulnerable	Vulnerable	Vulnerable	Vulnerable	No
	5, 6		iOS 5, 6	No	Yes	Yes	Yes^[99]	Yes^[99]	No	Yes	Yes	Yes	Vulnerable	Not affected	Vulnerable	Vulnerable	Vulnerable	Vulnerable	No
	7		iOS 7	No	Yes	Yes	Yes	Yes	No	Yes	Yes	Yes^[104]	Mitigated^[105]	Not affected	Vulnerable	Vulnerable	Vulnerable	Vulnerable	No
	8		iOS 8	No	Yes	Yes	Yes	Yes	No	Yes	Yes	Yes	Mitigated	Not affected	Mitigated^{[n 34]}	Lowest priority^[106]^{[n 34]}	Mitigated^[107]	Mitigated^[108]	No
	9		iOS 9	No	No	Yes	Yes	Yes	No	Yes	Yes	Yes	Mitigated	Not affected	Not affected	Lowest priority	Mitigated	Mitigated	No
	10, 11		iOS 10, 11	No	No	Yes	Yes	Yes	No	Yes	Yes	Yes	Mitigated	Not affected	Not affected	Disabled by default^{[n 16]}	Mitigated	Mitigated	No
	12		iOS iOS 12	No	No	Yes	Yes	Yes	Yes (Since iOS 12.2)^[98]	Yes	Yes	Yes	Mitigated	Not affected	Not affected	Disabled by default^{[n 16]}	Mitigated	Mitigated	No
	13–16		iOS 13, 14, 15, 16	No	No	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Mitigated	Not affected	Not affected	Disabled by default^{[n 16]}	Mitigated	Mitigated	No
	13–16		iPadOS 13, 14, 15, 16	No	No	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Mitigated	Not affected	Not affected	Disabled by default^{[n 16]}	Mitigated	Mitigated	No
	17		iOS 17	No	No	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Mitigated	Not affected	Not affected	Disabled by default^{[n 16]}	Mitigated	Mitigated	No
	17		iPadOS 17	No	No	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Mitigated	Not affected	Not affected	Disabled by default^{[n 16]}	Mitigated	Mitigated	No
	18		iOS 18	No	No	?	?	Yes	Yes	Yes	Yes	Yes	Mitigated	Not affected	Not affected	Disabled by default^{[n 16]}	Mitigated	Mitigated	No
	18		iPadOS 18	No	No	?	?	Yes	Yes	Yes	Yes	Yes	Mitigated	Not affected	Not affected	Disabled by default^{[n 16]}	Mitigated	Mitigated	No
Browser or OS API	Version		Platforms	SSL 2.0 (insecure)	SSL 3.0 (insecure)	TLS 1.0 (deprecated)	TLS 1.1 (deprecated)	TLS 1.2	TLS 1.3	EV^{[n 3]}	SHA-2	ECDSA	BEAST^{[n 4]}	CRIME^{[n 5]}	POODLE (SSLv3)^{[n 6]}	RC4^{[n 7]}	FREAK^[4]^[5]	Logjam	Protocol selection by user
Google Android OS^[109]	Android 1.0–4.0.4			No	Yes	Yes	No	No	No	?	Yes^[2]	Yes (Since 3.0)^[77]^[3]	?	?	Vulnerable	Vulnerable	Vulnerable	Vulnerable	No
	Android 4.1–4.4.4			No	Yes	Yes	Disabled by default^[110]	Disabled by default^[110]	No	?	Yes	Yes	?	?	Vulnerable	Vulnerable	Vulnerable	Vulnerable	No
	Android 5.0–5.0.2			No	Yes	Yes	Yes^[110]^[111]	Yes^[110]^[111]	No	?	Yes	Yes	?	?	Vulnerable	Vulnerable	Vulnerable	Vulnerable	No
	Android 5.1–5.1.1			No	Disabled by default^{[citation needed]}	Yes	Yes	Yes	No	?	Yes	Yes	?	?	Not affected	Only as fallback^{[n 15]}	Mitigated	Mitigated	No
	Android 6.0–7.1.2			No	Disabled by default^{[citation needed]}	Yes	Yes	Yes	No	?	Yes	Yes	?	?	Not affected	Disabled by default	Mitigated	Mitigated	No
	Android 8.0–9			No	No^[112]	Yes	Yes	Yes	No	?	Yes	Yes	?	?	Not affected	Disabled by default	Mitigated	Mitigated	No
	Android 10–12L			No	No	Yes	Yes	Yes	Yes	?	Yes	Yes	?	?	Not affected	Disabled by default	Mitigated	Mitigated	No
	Android 13			No	No	Yes	Yes	Yes	Yes	?	Yes	Yes	?	?	Not affected	Disabled by default	Mitigated	Mitigated	No
	Android 14			No	No	Yes	Yes	Yes	Yes	?	Yes	Yes	?	?	Not affected	Disabled by default	Mitigated	Mitigated	No
	Android 15			No	No	?	?	Yes	Yes	?	Yes	Yes	?	?	Not affected	Disabled by default	Mitigated	Mitigated	No
	Android 16			No	No	?	?	Yes	Yes	?	Yes	Yes	?	?	Not affected	Disabled by default	Mitigated	Mitigated	No
Browser or OS API	Version		Platforms	SSL 2.0 (insecure)	SSL 3.0 (insecure)	TLS 1.0 (deprecated)	TLS 1.1 (deprecated)	TLS 1.2	TLS 1.3	EV certificate	SHA-2 certificate	ECDSA certificate	BEAST	CRIME	POODLE (SSLv3)	RC4	FREAK	Logjam	Protocol selection by user

More information Color or Note, Significance ...

Color or Note	Significance
Browser version	Platform
Browser version	Operating system	Future release; under development
Browser version	Operating system	Current latest release
Browser version	Operating system	Former release; still supported
Browser version	Operating system	Former release; long-term support still active, but will end in less than 12 months
Browser version	Operating system	Former release; no longer supported
—	Operating system	Mixed/Unspecified
Operating system (Version+)	Minimum required operating system version (for supported versions of the browser)
~~Operating system~~	No longer supported for this operating system

Notes

[n 1]
Note actual security depends on other factors such as negotiated cipher, encryption strength, etc. (see § Cipher table).
[n 2]
Whether a user or administrator can choose the protocols to be used or not. If yes, several attacks such as BEAST (vulnerable in SSL 3.0 and TLS 1.0) or POODLE (vulnerable in SSL 3.0) can be avoided.
[n 3]
Whether EV SSL and DV SSL (normal SSL) can be distinguished by indicators (green lock icon, green address bar, etc.) or not.
[n 4]
e.g. 1/n-1 record splitting.
[n 5]
e.g. Disabling header compression in HTTPS/SPDY.
[n 6]
- Complete mitigations; disabling SSL 3.0 itself, "anti-POODLE record splitting". "Anti-POODLE record splitting" is effective only with client-side implementation and valid according to the SSL 3.0 specification, however, it may also cause compatibility issues due to problems in server-side implementations.
- Partial mitigations; disabling fallback to SSL 3.0, TLS_FALLBACK_SCSV, disabling cipher suites with CBC mode of operation. If the server also supports TLS_FALLBACK_SCSV, the POODLE attack will fail against this combination of server and browser, but connections where the server does not support TLS_FALLBACK_SCSV and does support SSL 3.0 will still be vulnerable. If disabling cipher suites with CBC mode of operation in SSL 3.0, only cipher suites with RC4 are available, RC4 attacks become easier.
- When disabling SSL 3.0 manually, POODLE attack will fail.
[n 7]
- Complete mitigation; disabling cipher suites with RC4.
- Partial mitigations to keeping compatibility with old systems; setting the priority of RC4 to lower.
[n 8]
Google Chrome (and Chromium) supports TLS 1.0, and TLS 1.1 from version 22 (it was added, then dropped from version 21). TLS 1.2 support had been added, then dropped from Chrome 29.^[6]^[7]^[8]
[n 9]
Uses the TLS implementation provided by BoringSSL for Android, OS X, and Windows^[9] or by NSS for Linux. Google is switching the TLS library used in Chrome to BoringSSL from NSS completely.
[N 10]
Configure enabling/disabling of each protocols via setting/option (menu name is dependent on browsers).
[N 11]
configure the maximum and the minimum version of enabling protocols with command-line option.
[N 12]
TLS_FALLBACK_SCSV is implemented.^[17] Fallback to SSL 3.0 is disabled since version 39.^[18]
[N 13]
In addition to TLS_FALLBACK_SCSV and disabling a fallback to SSL 3.0, SSL 3.0 itself is disabled by default.^[18]
[N 14]
Configure the minimum version of enabling protocols via chrome://flags^[22] (the maximum version can be configured with command-line option).
[N 15]
Only when no cipher suites with other than RC4 is available, cipher suites with RC4 will be used as a fallback.
[N 16]
All RC4 cipher suites are disabled by default.
[N 17]
Uses the TLS implementation provided by NSS. As of Firefox 22, Firefox supports only TLS 1.0 despite the bundled NSS supporting TLS 1.1. Since Firefox 23, TLS 1.1 can be enabled, but was not enabled by default due to issues. Firefox 24 has TLS 1.2 support disabled by default. TLS 1.1 and TLS 1.2 have been enabled by default in Firefox 27 release.
[N 18]
Configure the maximum and the minimum version of enabling protocols via about:config.
[N 19]
SSL 3.0 itself is disabled by default.^[40] In addition, fallback to SSL 3.0 is disabled since version 34,^[42] and TLS_FALLBACK_SCSV is implemented since 35.0 and ESR 31.3.0.^[40]^[43]
[N 20]
IE uses the TLS implementation of the Microsoft Windows operating system provided by the Schannel security support provider. TLS 1.1 and 1.2 are disabled by default until IE11.^[53]^[54]
[N 21]
Windows NT 3.1 supports IE 1–2, Windows NT 3.5 supports IE 1–3, Windows NT 3.51 and Windows NT 4.0 supports IE 1–6.
[N 22]
Windows XP as well as Server 2003 and older support only weak ciphers like Triple DES and RC4 out of the box.^[58] The weak ciphers of these Schannel version are not only used for IE, but also for other Microsoft products running on this OS, like Microsoft Office or Windows Update. Only Windows Server 2003 can get a manual update to support AES ciphers by KB948963^[59]
[N 23]
MS13-095 or MS14-049 for Windows Server 2003, Windows XP x64 and Windows XP SP3 (32-bit).
[N 24]
DTLS protocol counterpart version, however, is not supported.^[63]
[N 25]
RC4 can be disabled except as a fallback (Only when no cipher suites with other than RC4 is available, cipher suites with RC4 will be used as a fallback).^[66]
[N 26]
IE11 will continue to support these operating systems if they are with ESUs until at least October 13, 2026.
[N 27]
Fallback to SSL 3.0 is sites blocked by default in Internet Explorer 11 for Protected Mode.^[68]^[69] SSL 3.0 is disabled by default in Internet Explorer 11 since April 2015.^[70]
[N 28]
TLS 1.0 and 1.1 are disabled by default in Internet Explorer 11 and EdgeHTML since September 2022.^[71]^[72]
[N 29]
IE11 ran out of support for GAC (formerly CB and SAC) editions of Windows 10 since June 15, 2022.^[75]^[76]
[N 30]
Could be disabled via registry editing but need 3rd Party tools to do this.^[78]
[N 31]
Edge (formerly known as Project Spartan) is based on a fork of the Internet Explorer 11 rendering engine.
[N 32]
Safari uses the operating system implementation on Mac OS X, Windows (XP, Vista, 7)^[84] with unknown version,^[85] Safari 5 is the last version available for Windows. OS X 10.8 on have SecureTransport support for TLS 1.1 and 1.2^[86] Qualys SSL report simulates Safari 5.1.9 connecting with TLS 1.0 not 1.1 or 1.2.^[87]
[N 33]
In September 2013, Apple implemented BEAST mitigation in OS X 10.8 (Mountain Lion), but it was not turned on by default, resulting in Safari still being theoretically vulnerable to the BEAST attack on that platform.^[89]^[90] BEAST mitigation has been enabled by default from OS X 10.8.5 updated in February 2014.^[91]
[N 34]
Because Apple removed support for all CBC protocols in SSL 3.0 to mitigate POODLE,^[92]^[93] this leaves only RC4, which is also completely broken by the RC4 attacks in SSL 3.0.
[N 35]
Mobile Safari and third-party software utilizing the system UIWebView library use the iOS operating system implementation, which supports TLS 1.2 as of iOS 5.0.^[99]^[100]^[101]

Version history for TLS/SSL support in web browsers

References

Wikiwand - on