Ars Technica

Microsoft will finally kill obsolete cipher that has wreaked decades of havoc

Microsoft is killing off an obsolete and vulnerable encryption cipher that Windows has supported by default for 26 years following more than a decade of devastating hacks that exploited it and ...
Ars Technica

Senator blasts Microsoft for making default Windows vulnerable to “Kerberoasting”

A prominent US senator has called on the Federal Trade Commission to investigate Microsoft for “gross cybersecurity negligence,” citing the company’s continued use of an obsolete and vulnerable form ...
Threat Post

Microsoft Releases Six Bulletins, Continues RC4 Deprecation

Microsoft released six security bulletins today, and continued its deprecation of the weak RC4 encryption algorithm across Windows systems. Microsoft’s monthly release of security bulletins today is a ...
Bleeping Computer

U.S. Senator accuses Microsoft of “gross cybersecurity negligence”

The RC4 encryption algorithm is still an option in Kerberos, despite being a weak cipher with vulnerabilities that allow recovering plaintext information. It is worth noting that Microsoft pledged to ...
Dark Reading

SSL/TLS Suffers 'Bar Mitzvah Attack'

SSL/TLS encryption once again is being haunted by an outdated and weak feature long past its prime: a newly discovered attack exploits a weakness in the older, less secure RC4 encryption algorithm ...