The Windows security updates from January herald the phase-out of insecure RC4 encryption. A vulnerability requires action.

IT之家 12 月 16 日消息，微软 Windows 身份验证团队负责人 Steve Syfuhs 于 12 月 11 日在 Bluesky 上宣布，微软正准备彻底废除已存在 25 年的过时加密算法 RC4。 IT之家注：RC4 全称为 Rivest Cipher 4，是一种诞生于 1987 年的老式流加密算法，曾广泛用于网络传输加密。

Microsoft is officially moving to shut the door on RC4 - a legacy cryptographic cipher that has quietly persisted inside Windows authentication environments for decades - and forcing organizations to ...

Microsoft released optional security updates Tuesday for various versions of the .NET Framework that prevent the RC4 encryption algorithm from being used in TLS (Transport Layer Security) connections.

Microsoft has finally decided to discontinue the RC4 encryption method that has been supported by default in Windows for 26 years. By eliminating this old technology, which has been the target of ...

RC4 has been exploited in high-profile attacks across enterprise Windows networks Kerberoasting exploits weaknesses in Active Directory, allowing attackers to perform offline password cracking ...

About time: Microsoft introduced support for the RC4 stream cipher in Windows 2000 as the default authentication algorithm for the Active Directory services. The system has been insecure for even ...

A prominent US senator has called on the Federal Trade Commission to investigate Microsoft for “gross cybersecurity negligence,” citing the company’s continued use of an obsolete and vulnerable form ...

Although RC4 encryption should already be a thing of the past, it is still used sporadically today. Microsoft has now announced that it will remove Rivest Cipher 4 from Kerberos. This is intended to ...