Microsoft will finally remove encryption that enabled a decade of Windows hacking

Microsoft is killing off an outdated and vulnerable encryption algorithm that Windows has supported by default for 26 years. The move follows more than a decade of devastating hacks that exploited it, and recent harsh criticism from a prominent US senator.

When the software company rolled out Active Directory in 2000, RC4 became the only way to secure the Windows component, which administrators use to configure and provision administrator and user accounts within large organizations. RC4, short for Rivest Cipher 4, is a nod to mathematician and cryptographer Ron Rivest of RSA Security, who developed the stream cipher in 1987. Days after the trade-secret-protected algorithm was leaked in 1994, a researcher demonstrated a cryptographic attack that significantly weakened the security it was supposed to provide. Despite its known weakness, RC4 remained a staple of encryption protocols, including SSL and its successor TLS, until about a decade ago.

Hang out with the old people

One of the most visible holdouts still supporting RC4 has been Microsoft. Eventually, Microsoft upgraded Active Directory to support the much more secure AES encryption standard. But by default, Windows servers continued to accept RC4-based authentication requests and return an RC4-based response. This RC4 fallback is one of the weaknesses most frequently exploited by attackers to compromise corporate networks. The use of RC4 played a key role in last year's breach of healthcare giant Ascension, which caused life-threatening disruptions at 140 hospitals and put the medical records of 5.6 million patients in the hands of attackers. U.S. Sen. Ron Wyden, an Oregon Democrat, in September called on the Federal Trade Commission to investigate Microsoft for “gross cybersecurity negligence,” citing RC4’s continued default support.

“By mid-2026, we will update the domain controller default settings for Kerberos Key Distribution Center (KDC) on Windows Server 2008 and later to only allow AES-SHA1 encryption,” wrote Matthew Palko, Microsoft senior program manager. “RC4 will be disabled by default and only used if a domain administrator explicitly configures an account or the KDC to use it.”

AES-SHA1, an algorithm widely considered secure, has been available in all supported versions of Windows since the release of Windows Server 2008. Since then, Windows clients have authenticated by default using the much more secure standard, and servers have responded in kind. But Windows servers, also by default, still accept RC4-based authentication requests and return an RC4-based response, leaving networks open to Kerberoasting, an attack in which RC4-encrypted service tickets are requested and then cracked offline to recover service-account passwords.

Following next year’s change, RC4 authentication will no longer work unless admins do the extra work to allow it. In the meantime, Palko said, it’s crucial that administrators identify all systems within their networks that still rely on RC4. Despite its known weaknesses, RC4 remains the only way for some existing third-party systems to authenticate on Windows networks. These systems are easy to overlook, even when they perform crucial functions.
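The inventory work Palko describes, and the Kerberoasting exposure described two paragraphs above, both come down to finding where RC4 is still in play. The following is an added example, not code from the article or from Microsoft: it reads Windows Security event 4769 records ("A Kerberos service ticket was requested") exported as JSON lines, flags tickets encrypted with RC4 (etype 0x17), lists the service principals whose accounts still hand out RC4 tickets, surfaces any single requester collecting RC4 tickets across many services, and decodes the msDS-SupportedEncryptionTypes attribute to show which accounts explicitly allow RC4. The event lines and account values are constructed; the field names follow the Windows Security log schema, and the JSON-lines export format is an assumption about how the logs were collected.

```python
"""Added example: find RC4 use in Kerberos service-ticket logs and in
account encryption-type settings. Sample data below is constructed."""
import json
from collections import defaultdict

# Kerberos encryption-type codes as they appear in the TicketEncryptionType
# field of Windows Security event 4769.
ETYPE_NAMES = {
    0x01: "des-cbc-crc",
    0x03: "des-cbc-md5",
    0x11: "aes128-cts-hmac-sha1-96",
    0x12: "aes256-cts-hmac-sha1-96",
    0x17: "rc4-hmac",
    0x18: "rc4-hmac-exp",
}
RC4_ETYPES = {0x17, 0x18}

# Bit flags of the AD attribute msDS-SupportedEncryptionTypes.
SUPPORTED_ENCTYPE_FLAGS = {
    0x01: "DES_CBC_CRC",
    0x02: "DES_CBC_MD5",
    0x04: "RC4_HMAC_MD5",
    0x08: "AES128_CTS_HMAC_SHA1_96",
    0x10: "AES256_CTS_HMAC_SHA1_96",
}
RC4_FLAG = 0x04

# Constructed sample export (JSON lines), not real log data.
SAMPLE_EVENTS = """
{"EventID":4769,"TargetUserName":"alice@CORP.EXAMPLE","ServiceName":"MSSQLSvc/db01","TicketEncryptionType":"0x12","IpAddress":"::ffff:10.0.0.5"}
{"EventID":4769,"TargetUserName":"bob@CORP.EXAMPLE","ServiceName":"http/legacy-app","TicketEncryptionType":"0x17","IpAddress":"::ffff:10.0.0.9"}
{"EventID":4769,"TargetUserName":"bob@CORP.EXAMPLE","ServiceName":"MSSQLSvc/db01","TicketEncryptionType":"0x17","IpAddress":"::ffff:10.0.0.9"}
{"EventID":4769,"TargetUserName":"bob@CORP.EXAMPLE","ServiceName":"cifs/fileshare","TicketEncryptionType":"0x17","IpAddress":"::ffff:10.0.0.9"}
{"EventID":4769,"TargetUserName":"carol@CORP.EXAMPLE","ServiceName":"http/legacy-app","TicketEncryptionType":"0x11","IpAddress":"::ffff:10.0.0.7"}
{"EventID":4768,"TargetUserName":"alice@CORP.EXAMPLE","ServiceName":"krbtgt","TicketEncryptionType":"0x12","IpAddress":"::ffff:10.0.0.5"}
"""


def parse_events(text):
    """Parse a JSON-lines export; TicketEncryptionType ("0x17") becomes an int."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ev = json.loads(line)
        ev["TicketEncryptionType"] = int(ev["TicketEncryptionType"], 16)
        events.append(ev)
    return events


def rc4_ticket_requests(events):
    """Service-ticket requests (4769 only) whose ticket was RC4-encrypted."""
    return [ev for ev in events
            if ev.get("EventID") == 4769 and ev["TicketEncryptionType"] in RC4_ETYPES]


def rc4_services(events):
    """Service principals whose tickets came back RC4-encrypted.

    The ticket etype is chosen from the *service* account's keys, so each of
    these names an account that will break when RC4 is disabled unless fixed."""
    return sorted({ev["ServiceName"] for ev in rc4_ticket_requests(events)})


def rc4_requesters(events, min_services=2):
    """Requesters holding RC4 tickets for at least min_services distinct services.

    One principal sweeping up RC4 tickets for many services is the pattern a
    detection rule for Kerberoasting looks for."""
    per_user = defaultdict(set)
    for ev in rc4_ticket_requests(events):
        per_user[ev["TargetUserName"]].add(ev["ServiceName"])
    return {user: len(svcs) for user, svcs in per_user.items() if len(svcs) >= min_services}


def decode_supported_enctypes(value):
    """Names of the etypes an account advertises; empty when the attribute is unset."""
    if value is None:
        return []
    return [name for bit, name in sorted(SUPPORTED_ENCTYPE_FLAGS.items()) if value & bit]


def allows_rc4(value):
    """True/False for an explicit attribute value; None when unset, because the
    KDC's domain-wide default then decides and the account needs manual review."""
    if value is None:
        return None
    return bool(value & RC4_FLAG)


if __name__ == "__main__":
    evs = parse_events(SAMPLE_EVENTS)
    print("service accounts still issuing RC4 tickets:", rc4_services(evs))
    print("requesters with RC4 tickets for many services:", rc4_requesters(evs))
    # Constructed account inventory: (sAMAccountName, msDS-SupportedEncryptionTypes)
    for name, val in [("svc_legacy", 0x1C), ("svc_modern", 0x18), ("svc_unset", None)]:
        print(name, decode_supported_enctypes(val), "allows RC4:", allows_rc4(val))
```

In practice the event lines would come from a SIEM or a `Get-WinEvent` export of the domain controllers' Security logs, and the attribute values from an LDAP query of service accounts; the two views complement each other, since the 4769 data shows which accounts are actually being used with RC4 while the attribute shows which accounts would still permit it.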
