Microsoft KB Archive Search

Notice: This website is an unofficial Microsoft Knowledge Base (hereinafter KB) archive and is intended to provide a reliable access to deleted content from Microsoft KB. All KB articles are owned by Microsoft Corporation. Read full disclaimer for more details.

  1. Home
  2. Windows Update has deprecated support for the RC4 cipher

Windows Update has deprecated support for the RC4 cipher

Symptoms

On a Windows-based computer that's configured to use a set of cipher suites other than the default Windows set, you discover that you can no longer download updates from Windows Update.

↑ Back to the top

Cause

This issue affects computers that have relied on the RC4 cipher to connect with Windows Update. Windows Update has changed its connection security protocols to end support for the RC4 cipher. The RC4 cipher is now disabled by default, and it's no longer used during TLS fallback negotiations.

For security purposes, Windows Update is complying with Security Advisory 2868725, which recommends removing support for RC4. Therefore, Windows Update has discontinued support for the RC4 cipher. If your computer is configured to use only cipher suites that are not supported by Windows Update (such as those that include RC4), this will prevent the computer from obtaining updates through Windows Update.

↑ Back to the top

Resolution

Since 2013, Microsoft has recommended that customers enable TLS 1.2 on their services and remove support for RC4. For more information, see Security Advisory 2868725.

Alternative ciphers, such as AES, will continue to work. For more information about cipher suites and about which ciphers are supported in Windows, see Cipher suites in TLS/SSL (Schannel SSP).

To mitigate this issue, enable cipher suites that use alternative ciphers that are supported by Windows Update, such as AES.

↑ Back to the top

Keywords: kb

↑ Back to the top

Article Info
Article ID : 3186695
Revision : 1
Created on : 1/7/2017
Published on : 8/18/2016
Exists online : False
Views : 66