From Newsgroup: comp.security.misc
Microsoft is killing off an obsolete and vulnerable encryption cipher
that Windows has supported by default for 26 years following more than a
decade of devastating hacks that exploited it and recently faced
blistering criticism from a prominent US senator.
When the software maker rolled out Active Directory in 2000, it made RC4
a sole means of securing the Windows component, which administrators use
to configure and provision fellow administrator and user accounts inside
large organizations. RC4, short for Rivest Cipher 4, is a nod to
mathematician and cryptographer Ron Rivest of RSA Security, who
developed the stream cipher in 1987. Within days of the
trade-secret-protected algorithm being leaked in 1994, a researcher demonstrated a cryptographic attack that significantly weakened the
security it had been believed to provide. Despite the known
susceptibility, RC4 remained a staple in encryption protocols, including
SSL and its successor TLS, until about a decade ago.
Out with the old
One of the most visible holdouts in supporting RC4 has been Microsoft. Eventually, Microsoft upgraded Active Directory to support the much more
secure AES encryption standard. But by default, Windows servers have
continued to respond to RC4-based authentication requests and return an RC4-based response. The RC4 fallback has been a favorite weakness
hackers have exploited to compromise enterprise networks. Use of RC4
played a key role in last year’s breach of health giant Ascension. The
breach caused life-threatening disruptions at 140 hospitals and put the
medical records of 5.6 million patients into the hands of the attackers.
US Senator Ron Wyden (D-Ore.) in September called on the Federal Trade Commission to investigate Microsoft for “gross cybersecurity
negligence,” citing the continued default support for RC4.
Last week, Microsoft said it was finally deprecating RC4 and cited its susceptibility to Kerberoasting, the form of attack, known since 2014,
that was the root cause of the initial intrusion into Ascension’s
network.
“By mid-2026, we will be updating domain controller defaults for the
Kerberos Key Distribution Center (KDC) on Windows Server 2008 and later
to only allow AES-SHA1 encryption,” Matthew Palko, a Microsoft principal program manager, wrote. “RC4 will be disabled by default and only used
if a domain administrator explicitly configures an account or the KDC to
use it.”
AES-SHA1, an algorithm widely believed to be secure, has been available
in all supported Windows versions since the roll out of Windows Server
2008. Since then, Windows clients by default authenticated using the
much more secure standard, and servers responded using the same. But,
Windows servers, also by default, respond to RC4-based authentication
requests and returned an RC4-based response, leaving networks open to Kerberoasting.
Following next year’s change, RC4 authentication will no longer function
unless administrators perform the extra work to allow it. In the
meantime, Palko said, it’s crucial that admins identify any systems
inside their networks that rely on the cipher. Despite the known vulnerabilities, RC4 remains the sole means of some third-party legacy
systems for authenticating to Windows networks. These systems can often
go overlooked in networks even though they are required for crucial
functions.
https://arstechnica.com/security/2025/12/microsoft-will-finally-kill-obso lete-cipher-that-has-wreaked-decades-of-havoc/
--- Synchronet 3.21a-Linux NewsLink 1.2