Na verdade, é mais seguro usar o TLS 1.1 / 1.2, já que relatórios recentes mostraram vulnerabilidade ao utilizar o TLS 1.0. Fonte: link
De acordo com o relatório acima, o motivo pelo qual o TLS 1.0 ainda é usado porque:
Chief culprits for the inertia are the Network Security Services package used to implement SSL in Mozilla's Firefox and Google's Chrome browsers, and OpenSSL, an open-source code library that millions of websites use to deploy TLS. In something of a chicken-and-egg impasse, neither toolkit offers recent versions of TLS, presumably because the other one doesn't.
“The problem is people will not improve things unless you give them a good reason, and by a good reason I mean an exploit,” said Ivan Ristic, Qualys's director of engineering. “It's terrible, isn't it?”
While both Mozilla and the volunteers maintaining OpenSSL have yet to implement TLS 1.2 at all, Microsoft has performed only slightly better. Secure TLS versions are available in its Internet Explorer browser and IIS webserver, but not by default. Opera also makes version 1.2 available but not be default in its browser.
.
A Microsoft tem uma recomendação de segurança para uma vulnerabilidade SSL e recomenda a ativação do TLS v1.1; há uma correção nessa página para ajudar a ativá-la corretamente.
.