Η Microsoft along with its established updates, also announced moves it has made to improve the cryptographic integrity of its platform Windows.
As the company said, officially halted the use of RC4 encryption. With their circulation Windows 8.1 and Internet Explore 11, the products of the company now have by default support for TLS 1.2, stopping RC4.
Its use RC4 is quite controversial, as it has many known weaknesses and its retirement has been discussed for some time now.
The problem with RC4 encryption algorithms is that it is vulnerable to BEAST and Lucky Thirteen attacks. OR TLS 1.2 and AES-CGM are not vulnerable to such attacks and can now be officially considered mainstream.
If your system does not run Windows 8.1 with Internet Explorer 11, the Google Chrome, The Firefox, The Safari and Opera also support encryption TLS 1.2.
Microsoft under these new settings encryption gave a tool to disable the use of RC4 in Windows 7, 8, RT, Server 2008 R2, and 2012 Server.
A second Microsoft announcement reports that 1 January of 2016 Windows will now support the use of certificates X.509 which have been issued with the algorithm SHA-1 for SSL and for digital software code signatures.
The SHA1 - SHA2 - 170 is a welcome precautionary measure by Microsoft after the certificates MD5 are now considered unreliable.
