Microsoft security advisory: Update for disabling RC4 (2024)

Table of Contents
Global INTRODUCTION Resolution For all supported x86-based versions of Windows 7 For all supported x64-based versions of Windows 7 For all supported x86-based versions of Windows Embedded Standard 7 For all supported x64-based versions of Windows Embedded Standard 7 For all supported x64-based versions of Windows Server 2008 R2 For all supported IA-64-based versions of Windows Server 2008 R2 For all supported x86-based versions of Windows 8 For all supported x64-based versions of Windows 8 For all supported x64-based versions of Windows Server 2012 More Information How to completely disable RC4 How other applications can prevent the use of RC4-based cipher suites FILE INFORMATION Need more help? Want more options? Thank you for your feedback! FAQs

Skip to main content

Microsoft security advisory: Update for disabling RC4 (1) Microsoft

Support

Sign in with Microsoft

Sign in or create an account.

Hello,

Select a different account.

You have multiple accounts

Choose the account you want to sign in with.

Windows RT Windows 8 Windows 8 Enterprise Windows 8 Pro Windows Server 2012 Datacenter Windows Server 2012 Essentials Windows Server 2012 Foundation Windows Server 2012 Standard Windows 7 Service Pack 1 Windows 7 Enterprise Windows 7 Professional Windows 7 Ultimate Windows 7 Home Premium Windows 7 Home Basic Windows Server 2008 R2 Service Pack 1 Windows Server 2008 R2 Standard Windows Server 2008 R2 Enterprise Windows Server 2008 R2 Datacenter More...Less

INTRODUCTION

Microsoft has released a Microsoft security advisory about this issue for IT professionals. The security advisory contains additional security-related information. To view the security advisory, go to the following Microsoft website:

http://technet.microsoft.com/security/advisory/2868725

Resolution

The following files are available for download from the Microsoft Download Center:

For all supported x86-based versions of Windows 7

Microsoft security advisory: Update for disabling RC4 (2) Download the package now.

For all supported x64-based versions of Windows 7

Microsoft security advisory: Update for disabling RC4 (3) Download the package now.

For all supported x86-based versions of Windows Embedded Standard 7

Microsoft security advisory: Update for disabling RC4 (4) Download the package now.

For all supported x64-based versions of Windows Embedded Standard 7

Microsoft security advisory: Update for disabling RC4 (5) Download the package now.

For all supported x64-based versions of Windows Server 2008 R2

Microsoft security advisory: Update for disabling RC4 (6) Download the package now.

For all supported IA-64-based versions of Windows Server 2008 R2

Microsoft security advisory: Update for disabling RC4 (7) Download the package now.

For all supported x86-based versions of Windows 8

Microsoft security advisory: Update for disabling RC4 (8) Download the package now.

For all supported x64-based versions of Windows 8

Microsoft security advisory: Update for disabling RC4 (9) Download the package now.

For all supported x64-based versions of Windows Server 2012

Microsoft security advisory: Update for disabling RC4 (10) Download the package now.

Release Date: November 10, 2013

For more information about how to download Microsoft support files, click the following article number to view the article in the Microsoft Knowledge Base:

119591 How to obtain Microsoft support files from online servicesMicrosoft scanned this file for viruses. Microsoft used the most current virus-detection software that was available on the date that the file was posted. The file is stored on security-enhanced servers that help prevent any unauthorized changes to the file.

More Information

How to completely disable RC4

Notes

  • You must install this security update (2868725) before you make the following registry change to completely disable RC4.

  • This security update applies to the versions of Windows listed in in this article. However, this registry setting can also be used to disable RC4 in newer versions of Windows.

Clients and servers that do not want to use RC4 regardless of the other party’s supported ciphers can disable RC4 cipher suites completely by setting the following registry keys. In this manner, any server or client that is talking to a client or server that must use RC4 can prevent a connection from occurring. Clients that deploy this setting will be unable to connect to sites that require RC4, and servers that deploy this setting will be unable to service clients that must use RC4.

  • [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC4 128/128]
    "Enabled"=dword:00000000

  • [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC4 40/128]
    "Enabled"=dword:00000000

  • [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC4 56/128]
    "Enabled"=dword:00000000

For more information, click the following article number to view the article in the Microsoft Knowledge Base:

245030 How to restrict the use of certain cryptographic algorithms and protocols in Schannel.dll

How other applications can prevent the use of RC4-based cipher suites

RC4 is not turned off by default for all applications. Applications that call in to SChannel directly will continue to use RC4 unless they opt in to the security options. Applications that use SChannel can block RC4 cipher suites for their connections by passing the SCH_USE_STRONG_CRYPTO flag to SChannel in the SCHANNEL_CRED structure. If compatibility must be maintained, applications that use SChannel can also implement a fallback that does not pass this flag.

FILE INFORMATION

The English (United States) version of this software update installs files that have the attributes that are listed in the following tables. The dates and times for these files are listed in Coordinated Universal Time (UTC). The dates and times for these files on your local computer are displayed in your local time and with your current daylight saving time (DST) bias. Additionally, the dates and times may change when you perform certain operations on the files.

  • The files that apply to a specific product, milestone (RTM, SPn), and service branch (LDR, GDR) can be identified by examining the file version numbers as shown in the following table:

    Version

    Product

    Milestone

    Service branch

    6.1.7601. 18xxx

    Windows 7 and Windows Server 2008 R2

    SP1

    GDR

    6.1.7601. 22xxx

    Windows 7 and Windows Server 2008 R2

    SP1

    LDR

  • GDR service branches contain only those fixes that are widely released to address widespread, critical issues. LDR service branches contain hotfixes in addition to widely released fixes.

Note The MANIFEST files (.manifest) and MUM files (.mum) that are installed are not listed.

For all supported x86-based versions of Windows 7

File name

File version

File size

Date

Time

Platform

Lsasrv.dll.mui

6.1.7601.18270

42,496

25-Sep-2013

02:22

Not applicable

Lsasrv.dll.mui

6.1.7601.18270

47,104

25-Sep-2013

02:24

Not applicable

Lsasrv.dll.mui

6.1.7601.18270

49,664

25-Sep-2013

02:22

Not applicable

Lsasrv.dll.mui

6.1.7601.18270

53,760

25-Sep-2013

02:23

Not applicable

Lsasrv.dll.mui

6.1.7601.18270

54,784

25-Sep-2013

02:22

Not applicable

Lsasrv.dll.mui

6.1.7601.18270

44,544

25-Sep-2013

01:54

Not applicable

Lsasrv.dll.mui

6.1.7601.18270

51,712

25-Sep-2013

02:23

Not applicable

Lsasrv.dll.mui

6.1.7601.18270

48,128

25-Sep-2013

02:23

Not applicable

Lsasrv.dll.mui

6.1.7601.18270

53,760

25-Sep-2013

02:24

Not applicable

Lsasrv.dll.mui

6.1.7601.18270

40,960

25-Sep-2013

02:22

Not applicable

Lsasrv.dll.mui

6.1.7601.18270

51,200

25-Sep-2013

02:23

Not applicable

Lsasrv.dll.mui

6.1.7601.18270

52,736

25-Sep-2013

02:23

Not applicable

Lsasrv.dll.mui

6.1.7601.18270

32,256

25-Sep-2013

02:24

Not applicable

Lsasrv.dll.mui

6.1.7601.18270

31,744

25-Sep-2013

02:23

Not applicable

Lsasrv.dll.mui

6.1.7601.18270

47,616

25-Sep-2013

02:22

Not applicable

Lsasrv.dll.mui

6.1.7601.18270

52,224

25-Sep-2013

02:24

Not applicable

Lsasrv.dll.mui

6.1.7601.18270

50,176

25-Sep-2013

02:23

Not applicable

Lsasrv.dll.mui

6.1.7601.18270

49,664

25-Sep-2013

02:24

Not applicable

Lsasrv.dll.mui

6.1.7601.18270

51,200

25-Sep-2013

02:23

Not applicable

Lsasrv.dll.mui

6.1.7601.18270

50,176

25-Sep-2013

02:23

Not applicable

Lsasrv.dll.mui

6.1.7601.18270

48,128

25-Sep-2013

02:24

Not applicable

Lsasrv.dll.mui

6.1.7601.18270

47,104

25-Sep-2013

02:24

Not applicable

Lsasrv.dll.mui

6.1.7601.18270

25,088

25-Sep-2013

02:23

Not applicable

Lsasrv.dll.mui

6.1.7601.18270

25,600

25-Sep-2013

02:22

Not applicable

Lsasrv.dll.mui

6.1.7601.22465

43,008

25-Sep-2013

02:35

Not applicable

Lsasrv.dll.mui

6.1.7601.22465

47,104

25-Sep-2013

02:36

Not applicable

Lsasrv.dll.mui

6.1.7601.22465

49,664

25-Sep-2013

02:35

Not applicable

Lsasrv.dll.mui

6.1.7601.22465

53,760

25-Sep-2013

02:37

Not applicable

Lsasrv.dll.mui

6.1.7601.22465

54,784

25-Sep-2013

02:35

Not applicable

Lsasrv.dll.mui

6.1.7601.22465

44,544

25-Sep-2013

01:57

Not applicable

Lsasrv.dll.mui

6.1.7601.22465

51,712

25-Sep-2013

02:36

Not applicable

Lsasrv.dll.mui

6.1.7601.22465

48,128

25-Sep-2013

02:35

Not applicable

Lsasrv.dll.mui

6.1.7601.22465

53,760

25-Sep-2013

02:37

Not applicable

Lsasrv.dll.mui

6.1.7601.22465

40,960

25-Sep-2013

02:35

Not applicable

Lsasrv.dll.mui

6.1.7601.22465

51,712

25-Sep-2013

02:36

Not applicable

Lsasrv.dll.mui

6.1.7601.22465

52,736

25-Sep-2013

02:38

Not applicable

Lsasrv.dll.mui

6.1.7601.22465

32,256

25-Sep-2013

02:37

Not applicable

Lsasrv.dll.mui

6.1.7601.22465

31,744

25-Sep-2013

02:37

Not applicable

Lsasrv.dll.mui

6.1.7601.22465

47,616

25-Sep-2013

02:35

Not applicable

Lsasrv.dll.mui

6.1.7601.22465

52,224

25-Sep-2013

02:37

Not applicable

Lsasrv.dll.mui

6.1.7601.22465

50,688

25-Sep-2013

02:37

Not applicable

Lsasrv.dll.mui

6.1.7601.22465

50,176

25-Sep-2013

02:36

Not applicable

Lsasrv.dll.mui

6.1.7601.22465

51,712

25-Sep-2013

02:36

Not applicable

Lsasrv.dll.mui

6.1.7601.22465

50,176

25-Sep-2013

02:37

Not applicable

Lsasrv.dll.mui

6.1.7601.22465

48,640

25-Sep-2013

02:36

Not applicable

Lsasrv.dll.mui

6.1.7601.22465

47,104

25-Sep-2013

02:37

Not applicable

Lsasrv.dll.mui

6.1.7601.22465

25,088

25-Sep-2013

02:37

Not applicable

Lsasrv.dll.mui

6.1.7601.22465

25,600

25-Sep-2013

02:36

Not applicable

Cng.sys

6.1.7601.17919

369,848

04-Jul-2013

12:16

x86

Ksecdd.sys

6.1.7601.18270

67,520

25-Sep-2013

02:01

x86

Ksecpkg.sys

6.1.7601.18270

136,640

25-Sep-2013

02:01

x86

Lsasrv.dll

6.1.7601.18270

1,038,848

25-Sep-2013

01:56

x86

Lsasrv.mof

Not applicable

13,780

04-Jul-2013

12:18

Not applicable

Lsass.exe

6.1.7601.18270

22,016

25-Sep-2013

00:49

x86

Secur32.dll

6.1.7601.18270

22,016

25-Sep-2013

01:57

x86

Sspicli.dll

6.1.7601.18270

99,840

25-Sep-2013

01:57

x86

Sspisrv.dll

6.1.7601.18270

15,872

25-Sep-2013

00:49

x86

Cng.sys

6.1.7601.22076

369,848

09-Jul-2013

06:16

x86

Ksecdd.sys

6.1.7601.22465

67,520

25-Sep-2013

02:04

x86

Ksecpkg.sys

6.1.7601.22465

136,640

25-Sep-2013

02:04

x86

Lsasrv.dll

6.1.7601.22465

1,039,872

25-Sep-2013

01:59

x86

Lsasrv.mof

Not applicable

13,780

09-Jul-2013

06:22

Not applicable

Lsass.exe

6.1.7601.22465

22,016

25-Sep-2013

00:54

x86

Secur32.dll

6.1.7601.22465

22,016

25-Sep-2013

02:00

x86

Sspicli.dll

6.1.7601.22465

99,840

25-Sep-2013

02:01

x86

Sspisrv.dll

6.1.7601.22465

15,872

25-Sep-2013

00:54

x86

Ncrypt.dll

6.1.7601.18270

220,160

25-Sep-2013

01:56

x86

Ncrypt.dll

6.1.7601.22465

220,160

25-Sep-2013

01:59

x86

Schannel.dll

6.1.7601.18270

247,808

25-Sep-2013

01:57

x86

Schannel.dll

6.1.7601.22465

247,808

25-Sep-2013

02:00

x86

For all supported x64-based versions of Windows 7 and Windows Server 2008 R2

File name

File version

File size

Date

Time

Platform

Lsasrv.dll.mui

6.1.7601.18270

42,496

25-Sep-2013

03:23

Not applicable

Lsasrv.dll.mui

6.1.7601.18270

47,104

25-Sep-2013

03:24

Not applicable

Lsasrv.dll.mui

6.1.7601.18270

49,664

25-Sep-2013

03:23

Not applicable

Lsasrv.dll.mui

6.1.7601.18270

53,760

25-Sep-2013

03:23

Not applicable

Lsasrv.dll.mui

6.1.7601.18270

54,784

25-Sep-2013

03:23

Not applicable

Lsasrv.dll.mui

6.1.7601.18270

44,544

25-Sep-2013

02:19

Not applicable

Lsasrv.dll.mui

6.1.7601.18270

51,712

25-Sep-2013

03:26

Not applicable

Lsasrv.dll.mui

6.1.7601.18270

48,128

25-Sep-2013

03:23

Not applicable

Lsasrv.dll.mui

6.1.7601.18270

53,760

25-Sep-2013

03:25

Not applicable

Lsasrv.dll.mui

6.1.7601.18270

40,960

25-Sep-2013

03:23

Not applicable

Lsasrv.dll.mui

6.1.7601.18270

51,200

25-Sep-2013

03:25

Not applicable

Lsasrv.dll.mui

6.1.7601.18270

52,736

25-Sep-2013

03:25

Not applicable

Lsasrv.dll.mui

6.1.7601.18270

32,256

25-Sep-2013

03:25

Not applicable

Lsasrv.dll.mui

6.1.7601.18270

31,744

25-Sep-2013

03:24

Not applicable

Lsasrv.dll.mui

6.1.7601.18270

47,616

25-Sep-2013

03:23

Not applicable

Lsasrv.dll.mui

6.1.7601.18270

52,224

25-Sep-2013

03:25

Not applicable

Lsasrv.dll.mui

6.1.7601.18270

50,176

25-Sep-2013

03:25

Not applicable

Lsasrv.dll.mui

6.1.7601.18270

49,664

25-Sep-2013

03:24

Not applicable

Lsasrv.dll.mui

6.1.7601.18270

51,200

25-Sep-2013

03:24

Not applicable

Lsasrv.dll.mui

6.1.7601.18270

50,176

25-Sep-2013

03:25

Not applicable

Lsasrv.dll.mui

6.1.7601.18270

48,128

25-Sep-2013

03:25

Not applicable

Lsasrv.dll.mui

6.1.7601.18270

47,104

25-Sep-2013

03:25

Not applicable

Lsasrv.dll.mui

6.1.7601.18270

25,088

25-Sep-2013

03:25

Not applicable

Lsasrv.dll.mui

6.1.7601.18270

25,600

25-Sep-2013

03:24

Not applicable

Lsasrv.dll.mui

6.1.7601.22465

43,008

25-Sep-2013

03:28

Not applicable

Lsasrv.dll.mui

6.1.7601.22465

47,104

25-Sep-2013

03:28

Not applicable

Lsasrv.dll.mui

6.1.7601.22465

49,664

25-Sep-2013

03:28

Not applicable

Lsasrv.dll.mui

6.1.7601.22465

53,760

25-Sep-2013

03:28

Not applicable

Lsasrv.dll.mui

6.1.7601.22465

54,784

25-Sep-2013

03:28

Not applicable

Lsasrv.dll.mui

6.1.7601.22465

44,544

25-Sep-2013

02:25

Not applicable

Lsasrv.dll.mui

6.1.7601.22465

51,712

25-Sep-2013

03:29

Not applicable

Lsasrv.dll.mui

6.1.7601.22465

48,128

25-Sep-2013

03:28

Not applicable

Lsasrv.dll.mui

6.1.7601.22465

53,760

25-Sep-2013

03:29

Not applicable

Lsasrv.dll.mui

6.1.7601.22465

40,960

25-Sep-2013

03:28

Not applicable

Lsasrv.dll.mui

6.1.7601.22465

51,712

25-Sep-2013

03:28

Not applicable

Lsasrv.dll.mui

6.1.7601.22465

52,736

25-Sep-2013

03:29

Not applicable

Lsasrv.dll.mui

6.1.7601.22465

32,256

25-Sep-2013

03:29

Not applicable

Lsasrv.dll.mui

6.1.7601.22465

31,744

25-Sep-2013

03:29

Not applicable

Lsasrv.dll.mui

6.1.7601.22465

47,616

25-Sep-2013

03:28

Not applicable

Lsasrv.dll.mui

6.1.7601.22465

52,224

25-Sep-2013

03:30

Not applicable

Lsasrv.dll.mui

6.1.7601.22465

50,688

25-Sep-2013

03:28

Not applicable

Lsasrv.dll.mui

6.1.7601.22465

50,176

25-Sep-2013

03:29

Not applicable

Lsasrv.dll.mui

6.1.7601.22465

51,712

25-Sep-2013

03:28

Not applicable

Lsasrv.dll.mui

6.1.7601.22465

50,176

25-Sep-2013

03:28

Not applicable

Lsasrv.dll.mui

6.1.7601.22465

48,640

25-Sep-2013

03:28

Not applicable

Lsasrv.dll.mui

6.1.7601.22465

47,104

25-Sep-2013

03:30

Not applicable

Lsasrv.dll.mui

6.1.7601.22465

25,088

25-Sep-2013

03:28

Not applicable

Lsasrv.dll.mui

6.1.7601.22465

25,600

25-Sep-2013

03:28

Not applicable

Cng.sys

6.1.7601.17919

458,712

04-Jul-2013

12:18

x64

Ksecdd.sys

6.1.7601.18270

95,680

25-Sep-2013

02:26

x64

Ksecpkg.sys

6.1.7601.18270

154,560

25-Sep-2013

02:26

x64

Lsasrv.dll

6.1.7601.18270

1,447,936

25-Sep-2013

02:21

x64

Lsasrv.mof

Not applicable

13,780

04-Jul-2013

12:20

Not applicable

Lsass.exe

6.1.7601.18270

30,720

25-Sep-2013

01:03

x64

Secur32.dll

6.1.7601.18270

28,160

25-Sep-2013

02:23

x64

Sspicli.dll

6.1.7601.18270

135,680

25-Sep-2013

02:23

x64

Sspisrv.dll

6.1.7601.18270

28,672

25-Sep-2013

02:23

x64

Cng.sys

6.1.7601.22076

458,704

09-Jul-2013

06:26

x64

Ksecdd.sys

6.1.7601.22465

95,680

25-Sep-2013

02:30

x64

Ksecpkg.sys

6.1.7601.22465

154,560

25-Sep-2013

02:30

x64

Lsasrv.dll

6.1.7601.22465

1,446,400

25-Sep-2013

02:25

x64

Lsasrv.mof

Not applicable

13,780

09-Jul-2013

06:30

Not applicable

Lsass.exe

6.1.7601.22465

30,720

25-Sep-2013

01:08

x64

Secur32.dll

6.1.7601.22465

28,160

25-Sep-2013

02:27

x64

Sspicli.dll

6.1.7601.22465

135,680

25-Sep-2013

02:27

x64

Sspisrv.dll

6.1.7601.22465

28,672

25-Sep-2013

02:27

x64

Ncrypt.dll

6.1.7601.18270

307,200

25-Sep-2013

02:21

x64

Ncrypt.dll

6.1.7601.22465

307,200

25-Sep-2013

02:26

x64

Schannel.dll

6.1.7601.18270

340,992

25-Sep-2013

02:22

x64

Schannel.dll

6.1.7601.22465

340,992

25-Sep-2013

02:27

x64

Lsasrv.mof

Not applicable

13,780

04-Jul-2013

12:18

Not applicable

Secur32.dll

6.1.7601.18270

22,016

25-Sep-2013

01:57

x86

Sspicli.dll

6.1.7601.18270

96,768

25-Sep-2013

01:58

x86

Lsasrv.mof

Not applicable

13,780

09-Jul-2013

06:22

Not applicable

Secur32.dll

6.1.7601.22465

22,016

25-Sep-2013

02:00

x86

Sspicli.dll

6.1.7601.22465

96,768

25-Sep-2013

02:01

x86

Schannel.dll

6.1.7601.18270

247,808

25-Sep-2013

01:57

x86

Schannel.dll

6.1.7601.22465

247,808

25-Sep-2013

02:00

x86

Ncrypt.dll

6.1.7601.18270

220,160

25-Sep-2013

01:56

x86

Ncrypt.dll

6.1.7601.22465

220,160

25-Sep-2013

01:59

x86

For all supported IA-64-based versions of Windows Server 2008 R2

See Also
What is RC4 Encryption? (Working, Usage, Advantages & Disadvantages)

File name

File version

File size

Date

Time

Platform

Lsasrv.dll.mui

6.1.7601.18270

53,760

25-Sep-2013

03:09

Not applicable

Lsasrv.dll.mui

6.1.7601.18270

44,544

25-Sep-2013

01:27

Not applicable

Lsasrv.dll.mui

6.1.7601.18270

53,760

25-Sep-2013

03:08

Not applicable

Lsasrv.dll.mui

6.1.7601.18270

32,256

25-Sep-2013

03:08

Not applicable

Lsasrv.dll.mui

6.1.7601.18270

31,744

25-Sep-2013

03:09

Not applicable

Lsasrv.dll.mui

6.1.7601.18270

25,088

25-Sep-2013

03:09

Not applicable

Lsasrv.dll.mui

6.1.7601.18270

25,600

25-Sep-2013

03:12

Not applicable

Lsasrv.dll.mui

6.1.7601.22465

53,760

25-Sep-2013

03:11

Not applicable

Lsasrv.dll.mui

6.1.7601.22465

44,544

25-Sep-2013

01:29

Not applicable

Lsasrv.dll.mui

6.1.7601.22465

53,760

25-Sep-2013

03:08

Not applicable

Lsasrv.dll.mui

6.1.7601.22465

32,256

25-Sep-2013

03:07

Not applicable

Lsasrv.dll.mui

6.1.7601.22465

31,744

25-Sep-2013

03:08

Not applicable

Lsasrv.dll.mui

6.1.7601.22465

25,088

25-Sep-2013

03:10

Not applicable

Lsasrv.dll.mui

6.1.7601.22465

25,600

25-Sep-2013

03:11

Not applicable

Cng.sys

6.1.7601.17919

789,024

04-Jul-2013

12:23

IA-64

Ksecdd.sys

6.1.7601.18270

179,648

25-Sep-2013

01:32

IA-64

Ksecpkg.sys

6.1.7601.18270

316,352

25-Sep-2013

01:32

IA-64

Lsasrv.dll

6.1.7601.18270

2,655,232

25-Sep-2013

01:28

IA-64

Lsasrv.mof

Not applicable

13,780

04-Jul-2013

12:25

Not applicable

Lsass.exe

6.1.7601.18270

55,808

25-Sep-2013

00:36

IA-64

Secur32.dll

6.1.7601.18270

48,640

25-Sep-2013

01:29

IA-64

Sspicli.dll

6.1.7601.18270

274,944

25-Sep-2013

01:30

IA-64

Sspisrv.dll

6.1.7601.18270

45,568

25-Sep-2013

01:30

IA-64

Cng.sys

6.1.7601.22076

789,024

09-Jul-2013

06:23

IA-64

Ksecdd.sys

6.1.7601.22465

179,648

25-Sep-2013

01:35

IA-64

Ksecpkg.sys

6.1.7601.22465

316,352

25-Sep-2013

01:35

IA-64

Lsasrv.dll

6.1.7601.22465

2,657,280

25-Sep-2013

01:31

IA-64

Lsasrv.mof

Not applicable

13,780

09-Jul-2013

06:28

Not applicable

Lsass.exe

6.1.7601.22465

55,808

25-Sep-2013

00:38

IA-64

Secur32.dll

6.1.7601.22465

48,640

25-Sep-2013

01:32

IA-64

Sspicli.dll

6.1.7601.22465

274,944

25-Sep-2013

01:32

IA-64

Sspisrv.dll

6.1.7601.22465

45,568

25-Sep-2013

01:32

IA-64

Ncrypt.dll

6.1.7601.18270

551,936

25-Sep-2013

01:28

IA-64

Ncrypt.dll

6.1.7601.22465

551,936

25-Sep-2013

01:31

IA-64

Schannel.dll

6.1.7601.18270

711,680

25-Sep-2013

01:29

IA-64

Schannel.dll

6.1.7601.22465

712,192

25-Sep-2013

01:32

IA-64

Lsasrv.mof

Not applicable

13,780

04-Jul-2013

12:18

Not applicable

Secur32.dll

6.1.7601.18270

22,016

25-Sep-2013

01:57

x86

Sspicli.dll

6.1.7601.18270

96,768

25-Sep-2013

01:58

x86

Lsasrv.mof

Not applicable

13,780

09-Jul-2013

06:22

Not applicable

Secur32.dll

6.1.7601.22465

22,016

25-Sep-2013

02:00

x86

Sspicli.dll

6.1.7601.22465

96,768

25-Sep-2013

02:01

x86

Schannel.dll

6.1.7601.18270

247,808

25-Sep-2013

01:57

x86

Schannel.dll

6.1.7601.22465

247,808

25-Sep-2013

02:00

x86

Ncrypt.dll

6.1.7601.18270

220,160

25-Sep-2013

01:56

x86

Ncrypt.dll

6.1.7601.22465

220,160

25-Sep-2013

01:59

x86

  • The files that apply to a specific product, milestone (RTM,SPn), and service branch (LDR, GDR) can be identified by examining the file version numbers as shown in the following table:

    Version

    Product

    Milestone

    Service branch

    6.2.920 0.16 xxx

    Windows 8 and Windows Server 2012

    RTM

    GDR

    6.2.920 0.20 xxx

    Windows 8 and Windows Server 2012

    RTM

    LDR

  • GDR service branches contain only those fixes that are widely released to address widespread, critical issues. LDR service branches contain hotfixes in addition to widely released fixes.

Note The MANIFEST files (.manifest) and MUM files (.mum) that are installed are not listed.

For all supported x86-based versions of Windows 8

File name

File version

File size

Date

Time

Platform

Schannel.dll

6.2.9200.16722

323,072

23-Sep-2013

22:30

x86

Schannel.dll

6.2.9200.20832

324,608

23-Sep-2013

22:29

x86

For all supported x64-based versions of Windows 8 and Windows Server 2012

File name

File version

File size

Date

Time

Platform

Schannel.dll

6.2.9200.16722

419,328

23-Sep-2013

22:30

x64

Schannel.dll

6.2.9200.20832

413,696

23-Sep-2013

22:27

x64

Schannel.dll

6.2.9200.16722

323,072

23-Sep-2013

22:30

x86

Schannel.dll

6.2.9200.20832

324,608

23-Sep-2013

22:29

x86

File name

SHA1 hash

SHA256 hash

Windows6.1-KB2868725-ia64.msu

F2A36393765402113DD9EFFF4FBC69947B3FCBAC

89063872A50BE6787A279CE21EE1DCFEA62C185D726EC9453D480B135EAAF6CC

Windows6.1-KB2868725-x64.msu

6C10C969A025DD415F935183E2EC47E6FEE3891A

15D2FB74C9B226AD3CA303D3D4621BF40EA33FCAAB15F9E0092FAE163047B8A5

Windows6.1-KB2868725-x86.msu

887C7DA56A9998CE4D6E56FAB8E365A18910F61D

BBB03FEE805BEC2201184E8FEDB61FBB2A18A1DE73C0EF2C05DB95C7B544F063

Windows8-RT-KB2868725-x64.msu

575ACB83DA926605E6688A9C474AEDC88BB306C7

2251301974F898244E95636254446B12D8104FD30B9114992D9608CD495F27E6

Windows8-RT-KB2868725-x86.msu

6CEBF9AF6054568A08974CD688EACB8BE2819FAC

25B91405000138B6721B3CE31091D5D85E011EC866A8ED6E27953E2FE44B1B74

Need more help?

Want more options?

Discover Community

Explore subscription benefits, browse training courses, learn how to secure your device, and more.

Communities help you ask and answer questions, give feedback, and hear from experts with rich knowledge.

See Also
The remote service supports the use of the RC4 cipher.How to Fix ERR_SSL_VERSION_OR_CIPHER_MISMATCH {Easy Way}Server cipher suites and TLS requirements - Power PlatformHow to disable 3DES and RC4 on Windows Server 2019? - Microsoft Q&A

Thank you for your feedback!

×

As an expert in Microsoft security updates and system administration, I can provide insights into the information presented in the article. The article discusses a Microsoft security advisory related to a specific issue, and it provides details about the resolution, files available for download, and additional information for IT professionals. Let's break down the concepts used in the article:

  1. Security Advisory and Resolution:

    • Microsoft has released a security advisory concerning a specific issue for IT professionals.
    • To view the security advisory, users are directed to visit the Microsoft website at .

  2. Downloadable Files:

    • The article provides download links for the security update package for various versions of Windows, including x86-based and x64-based versions.

  3. Release Date:

    • The security update was released on November 10, 2013.

  4. Registry Changes to Disable RC4:

    • Users are advised to install the security update (2868725) before making registry changes to completely disable RC4.
    • Registry keys are provided for disabling RC4 cipher suites in the Windows registry.

  5. Applications Using SChannel:

    • Applications that call directly into SChannel can block RC4 cipher suites for their connections by passing the SCH_USE_STRONG_CRYPTO flag to SChannel in the SCHANNEL_CRED structure.
    • Compatibility measures are suggested for applications using SChannel to implement a fallback that does not pass the SCH_USE_STRONG_CRYPTO flag.

  6. File Information:

    • Details about the files that are part of the security update are provided, including file names, versions, sizes, dates, and platforms (x86 or x64).
    • The article mentions MANIFEST files (.manifest) and MUM files (.mum) but notes that they are not listed.

  7. GDR and LDR Service Branches:

    • The article explains the difference between GDR (General Distribution Release) and LDR (Limited Distribution Release) service branches.
    • GDR contains fixes widely released to address widespread, critical issues, while LDR includes hotfixes in addition to widely released fixes.

  8. Version Information:

    • Version information for specific products, milestones (RTM, SPn), and service branches is presented in tabular form.

  9. File Attribute Details:

    • File attributes, such as size, date, and time, are provided in Coordinated Universal Time (UTC) and explained as potentially changing with certain operations.

  10. Virus Scanning and Security Measures:

    • Microsoft scanned the files for viruses using current virus-detection software.
    • Files are stored on security-enhanced servers to prevent unauthorized changes.

This breakdown demonstrates a comprehensive understanding of the concepts presented in the article, showcasing expertise in Microsoft security updates and system administration.

Microsoft security advisory: Update for disabling RC4 (2024)

FAQs

Is it safe to disable RC4? ›

Mozilla and Microsoft recommend disabling RC4 where possible. RFC 7465 prohibits the use of RC4 in TLS.

Read On
How to verify RC4 is disabled? ›

Deactivating RC4 on IIS
  1. Open registry editor: ...
  2. Navigate to: ...
  3. Right-click on Ciphers >> New >> Key. ...
  4. Right-click on RC4 40/128 >> New >> DWORD (32-bit) Value. ...
  5. Double-click the created Enabled value and make sure that there is zero (0) in Value Data: field >> click OK.

Discover More Details
Why is RC4 no longer recommended for use? ›

However, the hash algorithm has no protections against brute-force attacks for example no salting or multiple iterations. If an attacker has access to ciphertext encrypted using the RC4-HMAC key they can attempt to brute force the key through guessing the password.

Continue Reading
How to disable SSL disable RC4 ciphers? ›

Removing RC4 ciphers from SSL Profile using Configuration utility
  1. Navigate to Configuration tab > System > Profiles > SSL Profle Tab > <profile name to be modified> > Edit.
  2. Select SSL Ciphers > Add > Select Cipher (by clicking the + before the cipher) > uncheck RC4 Ciphers > Move them under Configured.

See Details
Has RC4 been broken? ›

To encrypt a text, this key stream is XORed with a plaintext, and decryption is done by XORing the ciphertext with the key stream again. RC4 is broken in a variety of situations. If you just naively use it twice on two different plaintexts then that is it, it's broken.

Find Out More
What replaced RC4? ›

RC4 is also known to have several significant flaws in the way it constructs and uses keys. Therefore, most security professionals recommend using alternative symmetric algorithms. Two of the most commonly used ones are the Triple Data Encryption Standard (3DES) and the Advanced Encryption Standard (AES).

Tell Me More
What is RC4 used for? ›

RC4 (also known as Rivest Cipher 4) is a form of stream cipher. It encrypts messages one byte at a time via an algorithm. Plenty of stream ciphers exist, but RC4 is among the most popular. It's simple to apply, and it works quickly, even on very large pieces of data.

Show Me More
What is RC4 in computer security? ›

RC4 is a stream cipher symmetric key algorithm, widely recognized for its simplicity and speed. Ronald Rivest of RSA Security first designed this algorithm. Despite its simplicity, RC4 has been instrumental in several protocols, including WEP for wireless network encryption and SSL/TLS for internet security.

Explore More
Is RC4 cipher no longer supported? ›

There is consensus across the industry that the RC4 cipher is no longer cryptographically secure, and therefore RC4 support is being removed with this update. With this change, Microsoft Edge and Internet Explorer 11 are aligned with the most recent versions of Google Chrome and Mozilla Firefox.

Continue Reading
How do I disable RC4 in my domain? ›

On the Management Server, go to Local Group Policy Editor > Computer Configuration > Policies > Windows Settings > Security Settings > Local Policies > Security Options > Network security: Configure encryption types allowed for Kerberos > Disable RC4.

Show Me More

Which is more secure RC4 or AES? ›

The encryption delay overhead using RC4 is less than the overhead using AES and DES algorithms, but AES is much safer than RC4. Therefore, we conclude that both of AES and RC4 can secure high- bandwidth real time streaming, AES gets much more safety and RC4 get much more ...

Read The Full Story
What is likely to be caused when the server needs RC4? ›

server uses an unsupported protocol. The client and server don't support a common SSL protocol version or cipher suite. This is likely to be caused when the server needs RC4, which is no longer considered secure.

See Details
Is RC4 used in SSL? ›

RC4 is the most commonly used stream cipher (although it is regarded as a weak cipher) and it is used in SSL as an encryption algorithm. SSL is the most renowned security protocol for pursuating a secure link between a web server and a browser.

Get More Info Here
How to disable RC4 and 3DES on Windows Server? ›

We can disable 3DES and RC4 ciphers by removing them from registry HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Cryptography\Configuration\Local\SSL\00010002 and then restart the server.

Continue Reading
How do I disable 3DES and RC4 in Windows 10? ›

Disable RC4/DES/3DES cipher suites in Windows using registry, Group Policy Object (GPO), or local security settings. You can do this using GPO or Local security policy under Computer configuration > Administrative Templates > Network > SSL Configuration Settings > SSL Cipher Suite Order.

View More
Is RC4 Secure? ›

It is susceptible to significant vulnerabilities, making it unsuitable for ensuring data confidentiality. Several attacks, such as the Fluhrer-Mantin-Shamir attack and biases in the keystream, have been discovered over the years. Due to these vulnerabilities, the RC4 algorithm is no longer considered secure.

View Details
Is RC4 algorithm secure? ›

Because RC4 is a stream cipher, it is more malleable than common block ciphers. If not used together with a strong message authentication code (MAC), then encryption is vulnerable to a bit-flipping attack. The cipher is also vulnerable to a stream cipher attack if not implemented correctly.

See More
What is the purpose of RC4? ›

RC4 (also known as Rivest Cipher 4) is a form of stream cipher. It encrypts messages one byte at a time via an algorithm. Plenty of stream ciphers exist, but RC4 is among the most popular. It's simple to apply, and it works quickly, even on very large pieces of data.

Learn More
What is the importance of RC4? ›

RC4 is a stream cipher symmetric key algorithm, widely recognized for its simplicity and speed. Ronald Rivest of RSA Security first designed this algorithm. Despite its simplicity, RC4 has been instrumental in several protocols, including WEP for wireless network encryption and SSL/TLS for internet security.

Discover More Details
Top Articles
What is a 4 on 4 off shift pattern?
The 7 "Best" Domain Name Registrars Compared (2024)
Latest Posts
Ethereum transfer with bsc network to truts wallet
Top 5 most efficient ecosystems for carbon storage
Article information

Author: Delena Feil

Last Updated:

Views: 5847

Rating: 4.4 / 5 (45 voted)

Reviews: 84% of readers found this page helpful

Author information

Name: Delena Feil

Birthday: 1998-08-29

Address: 747 Lubowitz Run, Sidmouth, HI 90646-5543

Phone: +99513241752844

Job: Design Supervisor

Hobby: Digital arts, Lacemaking, Air sports, Running, Scouting, Shooting, Puzzles

Introduction: My name is Delena Feil, I am a clean, splendid, calm, fancy, jolly, bright, faithful person who loves writing and wants to share my knowledge and understanding with you.