Microsoft to deprecate vulnerable RC4 cipher by mid-2026

Microsoft will disable the obsolete RC4 encryption cipher in Windows Active Directory by mid-2026, addressing decades of security vulnerabilities. The move follows criticism over its role in major hacks, including last year's Ascension breach affecting 140 hospitals. Administrators must now audit networks for lingering RC4 use.

Microsoft has supported the weak RC4 cipher by default in Windows for 26 years, since introducing Active Directory in 2000. RC4, developed by Ron Rivest in 1987, faced a major cryptographic attack shortly after its 1994 leak, yet persisted in protocols like SSL and TLS until about a decade ago.

Despite upgrading to the secure AES standard, Windows servers continued to fall back to RC4 for authentication requests, enabling attacks like Kerberoasting, known since 2014. This vulnerability contributed to the Ascension health breach, disrupting services at 140 hospitals and exposing 5.6 million patients' records.

In September, US Senator Ron Wyden urged the Federal Trade Commission to probe Microsoft for "gross cybersecurity negligence" due to ongoing RC4 support.

Last week, Microsoft announced deprecation of RC4. "By mid-2026, we will be updating domain controller defaults for the Kerberos Key Distribution Center (KDC) on Windows Server 2008 and later to only allow AES-SHA1 encryption," wrote principal program manager Matthew Palko. "RC4 will be disabled by default and only used if a domain administrator explicitly configures an account or the KDC to use it."

AES-SHA1, available since Windows Server 2008, derives keys with iterated hashing and a salt, making it about 1,000 times harder to crack than RC4, whose key is a single unsalted MD4 hash of the password.

To aid transition, Microsoft offers updated KDC logs and PowerShell scripts to detect RC4 usage, crucial for legacy third-party systems. Steve Syfuhs, of Microsoft's Windows Authentication team, noted on Bluesky the challenges: "The problem though is that it’s hard to kill off a cryptographic algorithm that is present in every OS that’s shipped for the last 25 years."
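The audit Microsoft is asking administrators to perform, both of the account and KDC configuration described in the announcement above and of actual RC4 ticket issuance, can be approximated with the following PowerShell. This is an added example for illustration, not the script Microsoft ships; it assumes the RSAT ActiveDirectory module is installed, that it runs on (or with Security-log read access to) a domain controller, and that the Kerberos encryption-type policy is stored under the registry path written by the "Network security: Configure encryption types allowed for Kerberos" Group Policy setting.

```powershell
# Added audit example (not Microsoft's tooling). Assumptions: RSAT ActiveDirectory
# module present; run on or against a domain controller with Security log access.

# Bit values of the msDS-SupportedEncryptionTypes attribute as documented by Microsoft.
$EncBits = @{
    0x01 = 'DES-CBC-CRC'
    0x02 = 'DES-CBC-MD5'
    0x04 = 'RC4-HMAC'
    0x08 = 'AES128-CTS-HMAC-SHA1-96'
    0x10 = 'AES256-CTS-HMAC-SHA1-96'
}

function ConvertTo-EncTypeNames {
    param([Nullable[int]]$Mask)
    # An unset or zero attribute means the KDC's defaults decide, which is
    # exactly the case the mid-2026 default change affects.
    if ($null -eq $Mask -or $Mask -eq 0) { return '(not set: KDC defaults apply)' }
    $names = foreach ($bit in ($EncBits.Keys | Sort-Object)) {
        if ($Mask -band $bit) { $EncBits[$bit] }
    }
    return ($names -join ', ')
}

# 1. Accounts whose configuration still permits RC4, or that have no AES bit set.
function Get-RC4Accounts {
    $objects = @(Get-ADUser     -Filter * -Properties msDS-SupportedEncryptionTypes) +
               @(Get-ADComputer -Filter * -Properties msDS-SupportedEncryptionTypes)
    foreach ($obj in $objects) {
        $mask       = $obj.'msDS-SupportedEncryptionTypes'
        $rc4Allowed = ($null -eq $mask) -or (($mask -band 0x04) -ne 0)
        $aesPresent = (($mask -band 0x18) -ne 0)   # AES128 or AES256 bit
        if ($rc4Allowed -or -not $aesPresent) {
            [pscustomobject]@{
                Name        = $obj.SamAccountName
                ObjectClass = $obj.ObjectClass
                RawMask     = $mask
                EncTypes    = ConvertTo-EncTypeNames $mask
            }
        }
    }
}

# 2. Service tickets the KDC actually issued with RC4 (Event ID 4769).
#    TicketEncryptionType 0x17 = RC4-HMAC, 0x18 = RC4-HMAC-EXP; AES is 0x11/0x12.
function Get-RC4TicketEvents {
    param([int]$Hours = 24, [string]$ComputerName = $env:COMPUTERNAME)
    $rc4Types = @('0x17', '0x18')
    $events = Get-WinEvent -ComputerName $ComputerName -FilterHashtable @{
        LogName = 'Security'; Id = 4769; StartTime = (Get-Date).AddHours(-$Hours)
    } -ErrorAction SilentlyContinue
    foreach ($e in $events) {
        $xml  = [xml]$e.ToXml()
        $data = @{}
        foreach ($field in $xml.Event.EventData.Data) { $data[$field.Name] = $field.'#text' }
        if ($rc4Types -contains $data['TicketEncryptionType']) {
            [pscustomobject]@{
                Time      = $e.TimeCreated
                Requester = $data['TargetUserName']
                Service   = $data['ServiceName']
                ClientIP  = $data['IpAddress']
                EncType   = $data['TicketEncryptionType']
            }
        }
    }
}

# 3. Host-wide Kerberos encryption-type policy on this machine (the GPO-written key;
#    assumed path, check it matches your environment).
function Get-KerberosEncTypePolicy {
    $key = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\Kerberos\Parameters'
    $val = Get-ItemProperty -Path $key -Name SupportedEncryptionTypes -ErrorAction SilentlyContinue
    if ($null -eq $val) { return 'Policy not set (OS default applies)' }
    return ConvertTo-EncTypeNames $val.SupportedEncryptionTypes
}

# Usage: summarise what would break if RC4 were switched off today.
Write-Host "Host Kerberos policy: $(Get-KerberosEncTypePolicy)"
Get-RC4Accounts | Sort-Object ObjectClass, Name | Format-Table -AutoSize
Get-RC4TicketEvents -Hours 168 | Group-Object Service |
    Select-Object Name, Count | Sort-Object Count -Descending | Format-Table -AutoSize
```

The account listing shows where RC4 is still permitted on paper; the 4769 events show where it is still used in practice, which is the list that matters before flipping the default. A service name that keeps appearing in the second table, typically an older appliance or third-party system with an RC4-only service account, is the kind of legacy dependency the article says the transition tooling is meant to surface. Run the event query across every domain controller, since each KDC logs only the tickets it issued.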

Over the past decade, Microsoft reduced RC4 usage significantly through incremental changes, dropping it to near zero without widespread breakage.
