Microsoft Will Finally Kill Obsolete Cipher That Has Wrecked Decades of Havoc (arstechnica.com)
(Monday December 15, 2025 @10:30PM (BeauHD)
from the end-of-the-road dept.)
- Reference: 0180392803
- News link: https://it.slashdot.org/story/25/12/15/2244255/microsoft-will-finally-kill-obsolete-cipher-that-has-wrecked-decades-of-havoc
- Source link: https://arstechnica.com/security/2025/12/microsoft-will-finally-kill-obsolete-cipher-that-has-wreaked-decades-of-havoc/
An anonymous reader quotes a report from Ars Technica:
> Microsoft is [1]killing off an obsolete and vulnerable encryption cipher that Windows has supported by default for 26 years following more than a decade of devastating hacks that exploited it and recently faced blistering criticism from a prominent US senator. When the software maker rolled out Active Directory in 2000, it made RC4 a sole means of securing the Windows component, which administrators use to configure and provision fellow administrator and user accounts inside large organizations. RC4, short for Rivist Cipher 4, is a nod to mathematician and cryptographer Ron Rivest of RSA Security, who developed the stream cipher in 1987. Within days of the trade-secret-protected algorithm being leaked in 1994, a researcher demonstrated a cryptographic attack that significantly weakened the security it had been believed to provide. Despite the known susceptibility, RC4 remained a staple in encryption protocols, including SSL and its successor TLS, until about a decade ago. [...]
>
> Last week, Microsoft [2]said it was finally deprecating RC4 and cited its susceptibility to Kerberoasting, the form of attack, known since 2014, that was the root cause of the initial intrusion into Ascension's network. "By mid-2026, we will be updating domain controller defaults for the Kerberos Key Distribution Center (KDC) on Windows Server 2008 and later to only allow AES-SHA1 encryption," Matthew Palko, a Microsoft principal program manager, wrote. "RC4 will be disabled by default and only used if a domain administrator explicitly configures an account or the KDC to use it." [...] Following next year's change, RC4 authentication will no longer function unless administrators perform the extra work to allow it. In the meantime, Palko said, it's crucial that admins identify any systems inside their networks that rely on the cipher. Despite the known vulnerabilities, RC4 remains the sole means of some third-party legacy systems for authenticating to Windows networks. These systems can often go overlooked in networks even though they are required for crucial functions.
>
> To streamline the identification of such systems, Microsoft is making several tools available. One is an update to KDC logs that will track both requests and responses that systems make using RC4 when performing requests through Kerberos. Kerberos is an industry-wide authentication protocol for verifying the identities of users and services over a non-secure network. It's the sole means for mutual authentication to Active Directory, which hackers attacking Windows networks widely consider a Holy Grail because of the control they gain once it has been compromised. Microsoft is also introducing new PowerShell scripts to sift through security event logs to more easily pinpoint problematic RC4 usage. Microsoft said it has steadily worked over the past decade to deprecate RC4, but that the task wasn't easy.
"The problem though is that it's hard to kill off a cryptographic algorithm that is present in every OS that's shipped for the last 25 years and was the default algorithm for so long, Steve Syfuhs, who runs Microsoft's Windows Authentication team, [3]wrote on Bluesky. "See," he continued, "the problem is not that the algorithm exists. The problem is how the algorithm is chosen, and the rules governing that spanned 20 years of code changes."
[1] https://arstechnica.com/security/2025/12/microsoft-will-finally-kill-obsolete-cipher-that-has-wreaked-decades-of-havoc/
[2] https://www.microsoft.com/en-us/windows-server/blog/2025/12/03/beyond-rc4-for-windows-authentication
[3] https://bsky.app/profile/syfuhs.net/post/3m7npxlaiy22r
> Microsoft is [1]killing off an obsolete and vulnerable encryption cipher that Windows has supported by default for 26 years following more than a decade of devastating hacks that exploited it and recently faced blistering criticism from a prominent US senator. When the software maker rolled out Active Directory in 2000, it made RC4 a sole means of securing the Windows component, which administrators use to configure and provision fellow administrator and user accounts inside large organizations. RC4, short for Rivist Cipher 4, is a nod to mathematician and cryptographer Ron Rivest of RSA Security, who developed the stream cipher in 1987. Within days of the trade-secret-protected algorithm being leaked in 1994, a researcher demonstrated a cryptographic attack that significantly weakened the security it had been believed to provide. Despite the known susceptibility, RC4 remained a staple in encryption protocols, including SSL and its successor TLS, until about a decade ago. [...]
>
> Last week, Microsoft [2]said it was finally deprecating RC4 and cited its susceptibility to Kerberoasting, the form of attack, known since 2014, that was the root cause of the initial intrusion into Ascension's network. "By mid-2026, we will be updating domain controller defaults for the Kerberos Key Distribution Center (KDC) on Windows Server 2008 and later to only allow AES-SHA1 encryption," Matthew Palko, a Microsoft principal program manager, wrote. "RC4 will be disabled by default and only used if a domain administrator explicitly configures an account or the KDC to use it." [...] Following next year's change, RC4 authentication will no longer function unless administrators perform the extra work to allow it. In the meantime, Palko said, it's crucial that admins identify any systems inside their networks that rely on the cipher. Despite the known vulnerabilities, RC4 remains the sole means of some third-party legacy systems for authenticating to Windows networks. These systems can often go overlooked in networks even though they are required for crucial functions.
>
> To streamline the identification of such systems, Microsoft is making several tools available. One is an update to KDC logs that will track both requests and responses that systems make using RC4 when performing requests through Kerberos. Kerberos is an industry-wide authentication protocol for verifying the identities of users and services over a non-secure network. It's the sole means for mutual authentication to Active Directory, which hackers attacking Windows networks widely consider a Holy Grail because of the control they gain once it has been compromised. Microsoft is also introducing new PowerShell scripts to sift through security event logs to more easily pinpoint problematic RC4 usage. Microsoft said it has steadily worked over the past decade to deprecate RC4, but that the task wasn't easy.
"The problem though is that it's hard to kill off a cryptographic algorithm that is present in every OS that's shipped for the last 25 years and was the default algorithm for so long, Steve Syfuhs, who runs Microsoft's Windows Authentication team, [3]wrote on Bluesky. "See," he continued, "the problem is not that the algorithm exists. The problem is how the algorithm is chosen, and the rules governing that spanned 20 years of code changes."
[1] https://arstechnica.com/security/2025/12/microsoft-will-finally-kill-obsolete-cipher-that-has-wreaked-decades-of-havoc/
[2] https://www.microsoft.com/en-us/windows-server/blog/2025/12/03/beyond-rc4-for-windows-authentication
[3] https://bsky.app/profile/syfuhs.net/post/3m7npxlaiy22r
Havoc == rekt (Score:4, Informative)
by Kunedog ( 1033226 )
You mean " wreaked havoc."
Re: (Score:2)
by battingly ( 5065477 )
Irregardless, I could care less.
Re: (Score:2)
by Mr. Dollar Ton ( 5495648 )
TBF, many man-decades were wrecked fixing the WIndows security problems.
In related news ... (Score:1)
by PPH ( 736903 )
... Slashdot editing continues to wreak havoc with the English language.
Re: (Score:2)
by awwshit ( 6214476 )
Just think of all the Havoc that was Wrecked by having RC4 at all. We are taking Microsoft, they could have just put all usernames and passwords in a plaintext ini file.
Ah, microsoft... (Score:4, Informative)
Is "retiring" the RC4 a decision of Microsoft that was good if desperately late? Nope, it is a response to someone asking the FTC to investigate why a source of many problems is still in use after so many decades:
[1]https://www.schneier.com/blog/... [schneier.com]
> "the problem is not that the algorithm exists. The problem is how the algorithm is chosen, and the rules governing that spanned 20 years of code changes."
LOL, the algorithm was chosen because it made moving people off NT4 domains to AD back 25 years ago "easy". And that time was the time when Microsoft was desperate to block the massive Linux inroads into the server business, so anything was good.
In short, this is microsoft being the bad ole microsoft and nothing else.
[1] https://www.schneier.com/blog/archives/2025/09/microsoft-still-uses-rc4.html
Re: (Score:1)
> the algorithm was chosen because it made moving people off NT4 domains to AD back 25 years ago "easy".
That's a plausible reason to have it.
But it should've come disabled by default and with a warning label: "RC4 has known issues, enable it only if you have to."
This way, companies upgrading existing networks would turn it on knowing they will eventually turn it off, and companies starting all-new networks (e.g. new companies) could start things off with RC4 off by default.
Re: (Score:2)
> This way, companies upgrading existing networks would turn it on knowing they will eventually turn it off
Really? Turn it off and some old but critical piece of gear fails. Quick! Turn it back on.
Years later: Does anyone know why this crufty piece of garbage is still enabled? No? Turn it off. Again, some old but critical piece of gear fails. Rinse and repeat.
Re: (Score:2)
IIRC RC4 was dead in the water not a year after it was announced and leaked in the wild in the mid-90s. Whoever developed Win NT certainly had options.
> But it should've come disabled by default and with a warning label: "RC4 has known issues, enable it only if you have to."
This isn't any less irresponsible, though and it would not have flown. The companies that used NT and the later server windows series bought them for the network functionality and 99% of them were, are and will be unable to produce a replacement encrypted authentication and authorization, because it ain't their business. It is the job of the vendor.
How well w