Tech »  Topic »  It's about time! Microsoft finally kills off encryption cipher blamed for multiple cyberattacks - RC4 bites the dust at last

It's about time! Microsoft finally kills off encryption cipher blamed for multiple cyberattacks - RC4 bites the dust at last

7 hours ago   techradar.com
  • RC4 has been exploited in high-profile attacks across enterprise Windows networks
  • Kerberoasting exploits weaknesses in Active Directory, allowing attackers to perform offline password cracking
  • AES-SHA1 requires thousands of times more resources than RC4 for cracking

Microsoft is moving to disable RC4, an encryption cipher embedded in Windows authentication for more than two decades.

The decision follows years of documented abuse, repeated warnings from security researchers, and several high-impact breaches tied to its continued availability.

RC4 entered Windows with the launch of Active Directory in 2000, where it became central to administrative authentication across enterprise networks.

Hackers are stealing the keys and walking through the front door, and AI is helping them turn the handleMicrosoft quietly patches LNK vulnerability that's been weaponized for yearsCISA warns high-severity Windows SMB flaw now exploited in attacks, so update now

Legacy support and ongoing vulnerabilities

RC4’s algorithm leaked in the mid-1990s ...


Copyright of this story solely belongs to techradar.com . To see the full text click HERE

More related news