News

Windows Update Will Disable 'Broken' RC4 Encryption

• By Kurt Mackie
• 11/13/2013

A Microsoft update that will disable the compromised RC4 stream cipher on Windows systems was released on Tuesday.

The update is described in Security Advisory 2868725, but it seems to have gone largely unmentioned in Microsoft's general Patch Tuesday announcements. The update will disable RC4 use on Windows 7, Windows 8, Windows RT client operating systems, as well as Windows Server 2008 R2 and Windows Server 2012.

Organizations that have Automatic Update turned on for their clients will start to receive this update. It will get installed automatically in those cases, although Microsoft's security advisory recommends testing the update before applying it across computing environments, explaining that "failing to test the new settings could result in impact to the user experience for Internet Explorer or other applications that make use of TLS."

Microsoft also noted on Tuesday that its Internet Explorer 11 browser uses Transport Security Layer (TLS) 1.2 by default, which avoids using RC4. The RC4 stream cipher has long been used in encrypting and decrypting Web traffic and e-mails, but researchers have found that it has an encryption weakness that could be exploited through the use of malware.

Microsoft's update, in turning off RC4 use by Windows Systems, helps ward off potential "man-in-the-middle" attacks in secure HTTP (HTTPS) communications. However, it just applies to Windows and doesn't change Internet Explorer settings. A man-in-the-middle attack is the interception of plain text by a hacker who has access to the encrypted traffic between two parties.

The update does not apply to Windows 8.1, Windows RT 8.1 or Windows Server 2012 R2. Those operating systems already restrict RC4 use, according to Microsoft's security advisory.

RC4 is essentially broken, according to Ivan Ristic, director of application security research at Qualys Ltd.

"RC4 is indeed considered weak and broken," Ristic stated via an e-mail. "Some of the weaknesses had been known for quite a while, but they either did not apply to how RC4 was used in SSL/TLS, or we knew of no practical way to exploit them. The situation changed in February 2013, when some new research was published."

Ristic offers some steps for IT pros and the security industry to take in this Qualys blog post. He explained that while there are no known publicly reported attacks (other than those carried out by security researchers), IT pros should consider RC4 encryption to be broken.

"The best attack we know today requires an active attacker and millions of forced connections, which means that it is not very practical," Ristic said. "However, it is prudent to assume that RC4 is fully broken -- there might be other issues that are not publicly known. Hence Microsoft's decision."

Microsoft issued a proposal to the Internet Engineering Task Force in April that advocates wholly banning the use of the RC4 stream cipher.

Ristic advised IT pros to not use RC4 on their servers, and to make other changes.

"While they are at it, there are many other improvements to server configuration they could make," he said. "For example, deploying HTTP Strict Transport Security (to ensure SSL is always used and defeat active man-in-the-middle attacks) is relatively easy to deploy but has a big positive impact."

Ristic noted that the update from Microsoft disables OS use of RC4, and that doing so could affect the use of older browsers. However, he added that he hasn't yet had a chance to test the update to see any potential effects.

Qualys generally tracks RC4 use, as well as other TLS security issues, at its SSL Pulse page here.