Microsoft deprecates RC4 in both Internet Explorer 11 and Edge

2 min. read

Published onAugust 9, 2016

published onAugust 9, 2016

Share this article

Read our disclosure page to find out how can you help Windows Report sustain the editorial teamRead more

Security remains one of Microsoft’s most important goals inWindows 10. The company has been working on improving security in Windows for quite some time now, and their efforts have resulted in a Windows 10 that is perceived by many (including the company’s corporate clients) as more secure. Today,Microsoft announced another effort at improving Windows 10 security, specifically the removal of support for the RC4 cipher from Internet 11 and Edge.

Microsoft released KB3151631 as part of today’s Patch Tuesday set of updates that will disable RC4 in both Internet Explorer 11 on Windows 7 and later and in the Edge browser on Windows 10. As the company describes things:

RC4 is a stream cipher that was first described in 1987, and has been widely supported across web browsers and online services. Modern attacks have demonstrated that RC4 can be broken within hours or days. The typical attacks on RC4 exploit biases in the RC4 keystream to recover repeatedly encrypted plaintexts. In February 2015, these new attacksprompted the Internet Engineering Task Force to prohibit the use of RC4 with TLS.

Previously, Microsoft Edge and Internet Explorer 11 allowed RC4 during a fallback from TLS 1.2 or 1.1 to TLS 1.0. A fallback to TLS 1.0 with RC4 is most often the result of an innocent error, but this is indistinguishable from a man-in-the-middle attack. For this reason, RC4 is now entirely disabled by default for Microsoft Edge and Internet Explorer users on Windows 7, Windows 8.1 and Windows 10.

Most users won’t even know the update has been applied. However, if you’re responsible for a web site that utilizes RC4, then you’ll need to make some changes. Microsoft outlines the details inSecurity Advisory 2868725.

Radu Tyrsina

Radu Tyrsina has been a Windows fan ever since he got his first PC, a Pentium III (a monster at that time).

For most of the kids of his age, the Internet was an amazing way to play and communicate with others, but he was deeply impressed by the flow of information and how easily you can find anything on the web.

Prior to founding Windows Report, this particular curiosity about digital content enabled him to grow a number of sites that helped hundreds of millions reach faster the answer they’re looking for.

User forum

0 messages

Sort by:LatestOldestMost Votes

Comment*

Name*

Email*

Commenting as.Not you?

Save information for future comments

Comment

Radu Tyrsina

With KB5043178 to Release Preview Channel, Microsoft advises Windows 11 users to plug in when the battery is low#

Copilot in Outlook will generate personalized themes for you to customize the app#

Microsoft will raise the price of its 365 Suite to include AI capabilities#

Death Stranding Director’s Cut is now Xbox X|S at a huge discount#

Outlook will let users create custom account icons so they can tell their accounts apart easier#

Microsoft deprecates RC4 in both Internet Explorer 11 and Edge#

With KB5043178 to Release Preview Channel, Microsoft advises Windows 11 users to plug in when the battery is low

Copilot in Outlook will generate personalized themes for you to customize the app

Microsoft will raise the price of its 365 Suite to include AI capabilities

Death Stranding Director’s Cut is now Xbox X|S at a huge discount

Outlook will let users create custom account icons so they can tell their accounts apart easier

Microsoft deprecates RC4 in both Internet Explorer 11 and Edge