Microsoft disables RC4 in Microsoft Edge and IE11 with the latest update

Microsoft Edge

Last year, Microsoft announced their decision to end the support of the RC4 cipher in Microsoft Edge and Internet Explorer 11 in early 2016. Back in April, they said that this change will be released as part of April’s cumulative security updates on April 12th, 2016. But this was delayed based on customer feedback. Today, they are releasing KB3151631 with the August 9, 2016 cumulative updates for Windows and IE, which disables RC4 in Microsoft Edge (Windows 10) and IE11 (Windows 7 and newer). With this update, the RC4 cipher will be disabled by default and will not be used during TLS fallback negotiations.

The percentage of insecure web services that support only RC4 is known to be small and shrinking.

If your web service relies on RC4, you will need to take action. Since 2013, Microsoft has recommended that customers enable TLS 1.2 in their services and remove support for RC4. For additional details, please see Security Advisory 2868725.  For supported ciphers, and additional information on ciphers see: Cipher Suites in TLS/SSL (Schannel SSP).

Read more about it here.

Some links in the article may not be viewable as you are using an AdBlocker. Please add us to your whitelist to enable the website to function properly.

Related
Comments