AnsweredAssumed Answered

Fix for SSL/TLS use of weak RC4 cipher

Question asked by Madhu Madhavan on May 20, 2015
Latest reply on Sep 7, 2016 by Uche Aka

Is there ant Fix available for SSL/TLS use of weak RC4 cipher , I have seen so much threads about the same but i didnt get a grip on what solution has to be emerged for fixing this issue .

 

I have 2003 ,2008,2008R2 and 2012 servers have issue with the same vulnerability .

 

these machines are already installed with KB2868725 and also see the registry entries for the machines too .. Please let me know whether any kind of solution is recomended for this ?

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC4 128/128]

"Enabled"=dword:0xfffff

 

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC4 40/128]

"Enabled"=dword:0x000000

 

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC4 56/128]

"Enabled"=dword 0x000000

 

Do i need to mark it as zero as in every dword ?

Thanks

Madhu Madhavan@

Outcomes