Microsoft Is Finally Killing RC4
4 months ago
- #Encryption
- #Microsoft
- #Cybersecurity
- Microsoft is finally deprecating the RC4 encryption algorithm in Windows after 26 years.
- RC4 has been a known security weakness, exploited in attacks like the breach of health giant Ascension, affecting 140 hospitals and 5.6 million patients.
- US Senator Ron Wyden criticized Microsoft for 'gross cybersecurity negligence' due to its continued default support for RC4.
- RC4's susceptibility to Kerberoasting attacks, known since 2014, was a key factor in its deprecation.
- Ray Dillinger reflects on the burden of flawed work and the importance of acting based on current understanding, despite potential future regrets.