7.10 Ensure RC4 Cipher Suites is disabled - RC4 40/128

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version

Information

RC4 is a stream cipher that has known practical attacks. It is recommended that RC4 be disabled. The only RC4 cipher enabled by default on Server 2012 and 2012 R2 is RC4 128/128.

The use of RC4 may increase an adversaries ability to read sensitive information sent over SSL/TLS.

Solution

To disable RC4 40/128, ensure the following key is absent. If the key is present, ensure it is set to 0.
HKLM\System\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC4 40/128\Enabled

See Also

https://workbench.cisecurity.org/files/166