AnsweredAssumed Answered

SSL/TLS use of weak RC4 cipher even after applying Windows6.1-KB2868725-x64.msu

Question asked by Douglas Aitken on May 22, 2014

I'm scanning windows 2008 R2 SP1 Domain controllers and have applied a variety of registry keys that have resolved most vulnerabilities.

 

However one DC still reports 2 vulnerabilities

 

SSLv3.0/TLSv1.0 Protocol Weak CBC Mode Vulnerability   and

 

SSL/TLS use of weak R4 Cipher

 

I have resolved these issues on all DC's but this one still reports the above.

 

I have even applied the security fix Windows6.1-KB2868725-x64.msu from link below.

 

http://www.microsoft.com/en-us/download/details.aspx?id=40934

 

This is the Microsoft security advisory: Update for disabling RC4.

 

So with RC4 disabled why is Qualys still reporting SSL/TLS use of weak R4 Cipher ?

 

 

Note I have also unchecked TLS 1.0 and created keys below (These keys below fixed issue all other DC's)

 

 

 

  • [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC4
    128/128]

    "Enabled"=dword:00000000
  • [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC4
    40/128]

    "Enabled"=dword:00000000
  • [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC4
    56/128]

    "Enabled"=dword:00000000

 

 

 

 

 

 

 

Outcomes