The weak RC4 for administrative authentication has been a hacker Holy Grail for decades.

Ars Technica is known for its  coverage of technology-related news and analysis, ranging from scientific breakthroughs to the latest gadgets and gaming developments. Readers can learn about emerging technologies, industry trends, and the societal impact of technological advancements through detailed articles and reviews.

Ars Technica

Microsoft is deprecating RC4 encryption cipher support in Windows after 26 years of default availability. The obsolete cipher, known to be vulnerable since 1994, has been exploited in major breaches including the 2024 Ascension health system attack that affected 140 hospitals and 5.6 million patient records. Despite upgrading Active Directory to support AES encryption, Windows servers continued accepting RC4-based authentication by default, enabling Kerberoasting attacks. The decision follows criticism from US Senator Ron Wyden, who called for an FTC investigation into Microsoft's cybersecurity practices.

Microsoft will finally kill obsolete cipher that has wreaked decades of havoc

How Scientists Respond to Science Deniers