MS KB2960358: Update for Disabling RC4 in .NET TLS

Medium Nessus Plugin ID 73992


The remote host has a deprecated, weak encryption cipher available.


The remote host is missing an update for disabling the weak RC4 cipher suite in .NET TLS.

Note that even though .NET Framework 4.6 itself is not affected, any Framework 4.5, 4.5.1, or 4.5.2 application that runs on a system that has 4.6 installed is affected.


Microsoft has released a set of security updates for the .NET Framework on Windows 7, 2008 R2, 8, 2012, 8.1, 2012 R2, and 10.

See Also

Plugin Details

Severity: Medium

ID: 73992

File Name: smb_kb2960358.nasl

Version: $Revision: 1.6 $

Type: local

Agent: windows

Family: Windows

Published: 2015/10/13

Modified: 2017/08/30

Dependencies: 13855, 51351

Risk Information

Risk Factor: Medium


Base Score: 4

Vector: CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:N

Vulnerability Information

CPE: cpe:/o:microsoft:windows, cpe:/a:microsoft:.net_framework

Required KB Items: SMB/Registry/Enumerated, SMB/WindowsVersion

Patch Publication Date: 2014/05/13

Vulnerability Publication Date: 2014/05/13

Reference Information

MSKB: 2960358