(2025-01) Action required: Hoxhunt is deprecating legacy TLS for Hoxhunt Outlook COM add-in by Feb 10th, 2025

Overview

Hoxhunt is phasing out its services that use TLS 1.0 and 1.1. For most users, no change at all is required and services work as before.

However, a small number of our customers still rely on these encryption technologies through the older version of Outlook COM add-in (also called the VSTO add-in). Hoxhunt COM add-in 2.4.1.0 and earlier are using TLS1.0 or 1.1. as default unless they are configured to use modern TLS 1.2 or higher via Windows registry or via environment variable. Hoxhunt COM add-in version 2.4.3.0 is using TLS1.2 and higher by default.

Customers with older Hoxhunt COM add-in using the default configuration must now change the endpoint used by the COM add-in to a dedicated endpoint that continues to support TLS 1.0 and 1.1.

The endpoint currently used by the COM add-in will no longer support the deprecated TLS 1.0 and 1.1 protocols after February 10th, 2025.

 

Actions needed from you

If you are still using Hoxhunt COM add-in version 2.4.1.0 or earlier, you must take following action before February 10th, 2025:

  • Set Hoxhunt COM add-in’s communication endpoint to Hoxhunt's legacy TLS-enabled endpoint (instructions below)

Optionally, you could also consider following actions that provide better customer experience and long term support:

  • Update COM add-in to version 2.4.3.0 (contact Hoxhunt Support at support@hoxhunt.com)
  • Consider migrating to Hoxhunt Officejs add-in in all Outlook clients (read more)

How to re-configure Hoxhunt COM add-in's endpoint

Option 1: Changing the environment variable manually for a user

This option works for customers who have only a handful of employees using Hoxhunt COM add-in in Classic Desktop Outlook for Windows.

  1. Press Win+R to open the Run dialog.
  2. Type sysdm.cpl and press Enter.

  3. In the System Properties window, select the Advanced tab.
  4. Click Environment Variables.

  5. Under User variables (or System variables, if you want this setting to apply to all users), select New.
  6. As Variable name, enter HOXHUNT_URL.
  7. As Variable value, enter api.obsolete-legacy-reporting.com.
  8. Click OK to save.

    You should now see HOXHUNT_URL listed in the Environment Variables dialog.

  9. Click OK to close any open dialogs and apply the changes.
  10. Restart Outlook.
  11. Use the Hoxhunt COM add-in as you normally would. The traffic should now be routed to the specified endpoint.

 

Option 2: Changing the environment variable using Active Directory Group Policies

This option works for customers who have many employees using Hoxhunt COM add-in in classic desktop Outlook for Windows.

  1. On a domain controller or management workstation, open Group Policy Management Console (e.g., run gpmc.msc).
  2. Right-click your domain or an appropriate Organizational Unit (OU), then click Create a GPO in this domain, and Link it here… (or choose an existing GPO to edit).
  3. Give the GPO a recognizable name (e.g., “Hoxhunt URL Variable”).
  4. In the Group Policy Management Editor, go to User Configuration > Preferences > Windows Settings > Environment.
    (Use Computer Configuration if you want the variable to be set system-wide, but typically this is done per user.)
  5. In the Environment pane, right-click and select New > Environment Variable.

  6. For Action, choose Create or Replace.

  7. As Name, enter HOXHUNT_URL.

  8. As Value, enter api.obsolete-legacy-reporting.com.

  9. Confirm settings and apply the GPO.
    Click OK to save.
    Link the GPO to the OU containing your target user accounts (or computers if using Computer Configuration).

  10. Force a Group Policy Update by running gpupdate /force on client machines, or wait for the next scheduled policy refresh.

  11. Instruct users to restart Outlook for the new environment variable to take effect.

  12. Once the policy has been applied, the Hoxhunt COM add-in will route its traffic to the specified new endpoint. Users can report emails as they normally would.

 

 

Frequently asked questions

Why are you making this change?

To ensure security and reliability of the Hoxhunt service for all customers, we are phasing out deprecated TLS v1.0 an v1.1 support. The new endpoint configured now will retain support for legacy TLS until further notice.

 

When can we make the change?

The new endpoint is already available. Please make the change at any time that is convenient for you before February 10th, 2025.

 

What happens if we don’t make the change?

Hoxhunt Outlook COM add-in may stop working due to TLS protocol mismatch. This can be fixed by setting the COM add-in’s endpoint to correct value.

 

What are TLS 1.0 and TLS 1.1, and why are they being deprecated?

TLS (Transport Layer Security) is a protocol for securing internet communications. Versions 1.0 and 1.1 are outdated and have known vulnerabilities, making them insecure by modern standards. They no longer comply with industry security requirements, and have been replaced by TLS 1.2 and TLS 1.3, which offer stronger encryption and better performance.

 

What if I’m using legacy systems that cannot be upgraded?

If upgrading is not an option, consider using a proxy or load balancer that supports TLS 1.2+ to intermediate connections.

 

How will this change improve security?

Deprecating TLS 1.0 and 1.1 removes outdated, insecure protocols, reducing the risk of attacks such as: Man-in-the-middle (MITM) attacks, Downgrade attacks or Weak cipher vulnerabilities.

 

Will there be downtime during the transition?

No downtime is expected.

Was this article helpful?

0 out of 0 found this helpful

Have more questions? Submit a request