The January 2026 updates will begin the phaseout of RC4 encryption in the Kerberos protocol for Windows Server. The trigger ...

RC4’s long, messy reign over Windows authentication At the center of this shift is RC4, short for Rivest Cipher 4, a stream cipher that once powered much of the internet’s “secure” traffic and is now ...

The Windows security updates from January herald the phase-out of insecure RC4 encryption. A vulnerability requires action.

Microsoft rolls out new Kerberos protections to block RC4 encryption, with enforcement mode becoming mandatory for domain controllers in 2026.

Want smarter insights in your inbox? Sign up for our weekly newsletters to get only what matters to enterprise AI, data, and security leaders. Subscribe Now Google, Microsoft, and Mozilla all made the ...

Microsoft released optional security updates Tuesday for various versions of the .NET Framework that prevent the RC4 encryption algorithm from being used in TLS (Transport Layer Security) connections.

Microsoft has finally decided to discontinue the RC4 encryption method that has been supported by default in Windows for 26 years. By eliminating this old technology, which has been the target of ...

Microsoft patched serious vulnerabilities Tuesday in Windows, Internet Explorer and Office, but also urged customers to stop using the aging RC4 cipher and SHA-1 hashing function in their systems and ...

SSL/TLS encryption once again is being haunted by an outdated and weak feature long past its prime: a newly discovered attack exploits a weakness in the older, less secure RC4 encryption algorithm ...

There’s an old saying in the security community: Attacks always get better. The latest case where that holds true is for the aging RC4 cipher that’s still widely used to encrypt communications on the ...