Attention Zoho users : Withdrawing RC4 support for all Zoho services from 30th June, 2015.

Attention Zoho users : Withdrawing RC4 support for all Zoho services from 30th June, 2015.

RC4  is  an  encryption  cipher  used  in  protocols  such  as  SSL / TLS . RC4  ciphers  have  long  been  considered  problematic  because  of  their  vulnerability  to a  number  of  cryptographic  weaknesses  that  can  be exploited.  To  know  more  about RC4  vulnerabilities,  have a  look  at  the  current  IETF  draft


We wish  to bring  to  your attention  that due  to  these security  vulnerabilities we  will  be phasing  out support  for  the RC4  encryption  algorithm  from  30th June 2015 .

 

We  will stop extending support  to  the  following RC4  ciphers  for  our  SSL / TLS   protocols.

 

TLS _ RSA _ WITH_RC4_128_ SHA     
TLS _ ECDHE _ RSA _ WITH_RC4_128_ SHA

 

Analysis  of connections  to  Zoho services  show  that  only   0. 1%  of users utilize RC4  in  their  protocols.  As a  Zoho user, depending  on  how  you access  Zoho services,  there  are  two cases  in  which  this  can affect  you -

 

  1. Accessing  Zoho services  t hrough   API  calls:
    If  you  have configured  your  integration  to access  Zoho services  through  API  calls,  you  may  need  to  re-configure  your current  integration  so  that  it uses a  more secure alternative  such  as  AES If  your  integration  was provided  by a third-party vendor please  do  get  in touch  with  them  and  re-configure  your  integration.  I you  are uncertain  of  your current  integration, please provide  us  the  name  of  your third-party vendor  or a copy  of  your code snippet  so  that  we  can assist  you.

  2. Accessing  Zoho services  through browser: 
    If  you  are accessing  Zoho services  using Internet Explorer(IE6  or less)  on  Windows  XP ( or  lower)  you  will  not  be  able  to access  zoho.com.  Similarly people  who access  Zoho  services  through outdated  browsers  on devices  such  as  old mobile phones  will  not  be able  to access  zoho.com. 

    As a 
    workaround,  we strongly recommend Windows  XP  users  to switch  to a newer  version  of Windows.  If  this  is  not possible,  you  will  need  to  use updated versions  of  browsers  such  as Firefox/  Chrome  to access  zoho.com.

 

Please  keep  in mind  that failure  to  make  these changes  before  30th June 2015  will render  you unable  to access  Zoho services.

 

Please  write  back  to  us at security@zohocorp.com if  you  need  any clarification.

Regards,
Zoho Security Team.



      • Sticky Posts

      • Zoho MVP Batch of 2023

        Image: Zoho MVP Batch of 2023 Presenting the Zoho MVPs for 2023: Michael Trow Damien Cregan Kevin Flynn Donald Love Gordon Mankelow Abhishek Sharma Nik Khairul Bryan Pape Hugh Marshall Bhoomi Joshi Mikhail Koval Ken Florian Sven Rösser Our MVPs are passionate
      • Thanksgiving 2022 - Celebrating Zoho Community SuperBuds

        One of the things we love most about our Zoho User Community is how readily our users help each other out, and share their Zoho and business knowledge. Be it the community forums, the virtual and in-person meetups, or Zoholics, it's been heart-warming
      • Zoho MVP Batch of 2022

        Image: Zoho MVP Batch of 2022 Zoho MVPs are passionate customers and partners who go out of their way in helping the community members. With their significant contributions in the community forums, they help cut short the learning curve of the members,
      • ZOHO-20 to fight COVID-19

        While the world economy is taking a hit, we, at Zoho, are doing our bit to help small businesses come out of this crisis. Here are all the programs and packages offered by Zoho to fight Covid-19. 1. ESAP: The Small Business Emergency Subscription Assistance Program (ESAP) gives our severely impacted small business customers access to Zoho software they currently use, free for three months. All Zoho customers with 25 employees or fewer who have been severely impacted by the coronavirus-related downturn
      • ​Issues with Forum posts approval in Zoho Community

        Hi All, Issue: Some of you have reported that the posts/comments made today are going for moderation. The issue started few hours ago, and the behaviour was reported in CRM and Creator Forums by a few customers/partners. We were able to see the same problem in a few other product forums too. How it impacts you: Don't worry if you find that your posts and comments are stuck in moderation. Your posts/comments are safe. Please don't duplicate them. We're keeping a tab on the development and approving