Microsoft disables RC4 in Microsoft Edge and IE11 with the latest update

Reading time icon 1 min. read

Readers help support MSpoweruser. We may get a commission if you buy through our links. Tooltip Icon

Read our disclosure page to find out how can you help MSPoweruser sustain the editorial team Read more

Microsoft Edge

Last year, Microsoft announced their decision to end the support of the RC4 cipher in Microsoft Edge and Internet Explorer 11 in early 2016. Back in April, they said that this change will be released as part of April’s cumulative security updates on April 12th, 2016. But this was delayed based on customer feedback. Today, they are releasing KB3151631 with the August 9, 2016 cumulative updates for Windows and IE, which disables RC4 in Microsoft Edge (Windows 10) and IE11 (Windows 7 and newer). With this update, the RC4 cipher will be disabled by default and will not be used during TLS fallback negotiations.

The percentage of insecure web services that support only RC4 is known to be small and shrinking.

If your web service relies on RC4, you will need to take action. Since 2013, Microsoft has recommended that customers enable TLS 1.2 in their services and remove support for RC4. For additional details, please see Security Advisory 2868725.  For supported ciphers, and additional information on ciphers see: Cipher Suites in TLS/SSL (Schannel SSP).

Read more about it here.

More about the topics: edge, internet explorer, microsoft, security, windows 10, windows 7, windows 8.1

Leave a Reply

Your email address will not be published. Required fields are marked *