MS KB2960358: Update for Disabling RC4 in .NET TLS

This script is Copyright (C) 2014-2017 Tenable Network Security, Inc.


Synopsis :

The remote host has a deprecated, weak encryption cipher available.

Description :

The remote host is missing an update for disabling the weak RC4 cipher
suite in .NET TLS.

Note that even though .NET Framework 4.6 itself is not affected, any
Framework 4.5, 4.5.1, or 4.5.2 application that runs on a system that
has 4.6 installed is affected.

See also :

https://technet.microsoft.com/library/security/2960358

Solution :

Microsoft has released a set of security updates for the .NET
Framework on Windows 7, 2008 R2, 8, 2012, 8.1, 2012 R2, and 10.

Risk factor :

Medium / CVSS Base Score : 4.0
(CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:N)

Family: Windows

Nessus Plugin ID: 73992 ()

Bugtraq ID:

CVE ID:

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now