About time: Microsoft introduced support for the RC4 stream cipher in Windows 2000 as the default authentication algorithm for the Active Directory services. The system has been insecure for even ...

Microsoft released optional security updates Tuesday for various versions of the .NET Framework that prevent the RC4 encryption algorithm from being used in TLS (Transport Layer Security) connections.

A prominent US senator has called on the Federal Trade Commission to investigate Microsoft for “gross cybersecurity negligence,” citing the company’s continued use of an obsolete and vulnerable form ...

RC4 has been exploited in high-profile attacks across enterprise Windows networks Kerberoasting exploits weaknesses in Active Directory, allowing attackers to perform offline password cracking ...

Although RC4 encryption should already be a thing of the past, it is still used sporadically today. Microsoft has now announced that it will remove Rivest Cipher 4 from Kerberos. This is intended to ...

Microsoft is killing off an obsolete and vulnerable encryption cipher that Windows has supported by default for 26 years following more than a decade of devastating hacks that exploited it and ...

RC4 has been exploited in high-profile attacks across enterprise Windows networks Kerberoasting exploits weaknesses in Active Directory, allowing attackers to perform offline password cracking ...

In the Windows Release Health Message Center, Microsoft explains that the software fix for a security vulnerability in Kerberos initiates the hardening of Kerberos with RC4. The vulnerability itself ...