Skip to main content

Microsoft will end support for RC4 encryption in Edge and IE11 next month

Microsoft has announced that it will end support for RC4 encryption in its Microsoft Edge and Internet Explorer 11 web browsers next month. On April 12, it will no longer provide support for the RC4 cipher, as it has been proven to be cryptographically insecure. Some attacks have been able to compromise it in just a few days, or even hours.

One such attack was demonstrated by security researchers at the Usenix conference last year, where it only took them about 52 hours to crack.

Recommended Videos

As a result, any sites that use it have been an attractive target. The cipher has been around since 1987, and the likes of Microsoft and Mozilla have been warning about its aging reliability for a while now. In February of last year, the Internet Engineering Task Force moved to prohibit the use of RC4 with TLS over security fears.

Both Google and Mozilla killed off their use of RC4 in January with the launches of Chrome 48 and Firefox 44. Microsoft is now following suit and has been advising web services to move over to TLS 1.2 instead as soon as possible.

“Microsoft Edge and Internet Explorer 11 only utilize RC4 during a fallback from TLS 1.2 or 1.1 to TLS 1.0. A fallback to TLS 1.0 with RC4 is most often the result of an innocent error, but this is indistinguishable from a man-in-the-middle attack,” said Brent Mills, senior program manager at Windows Experience. “For this reason, RC4 will be entirely disabled by default for Microsoft Edge and Internet Explorer users on Windows 7, Windows 8.1 and Windows 10 starting April 12.”

As for how this will affect the end users, it’s unlikely that you will notice anything different according to Mills. RC4 will be simply be disabled by default for all users for Windows 7, 8, 8.1, and 10.

“The percentage of insecure web services that support only RC4 is known to be small and shrinking,” said Mills. However, if you do happen to visit a site that’s secured by RC4, it will be flagged as insecure in Internet Explorer 11 and Edge once the algorithm is put out to pasture.

Jonathan Keane
Jonathan is a freelance technology journalist living in Dublin, Ireland. He's previously written for publications and sites…
A coding blunder just ruined a moment of joy for lottery winners
Eurojackpot lottery slips.

Imagine the joy of being notified of a huge lottery win. What would be the first thing you’d do? Get the champagne in? Book a fancy vacation? Call your boss and tell him where to go?

And then imagine being informed that the notification had, in fact, been sent in error. Well, you can always send the booze back and cancel the holiday, but trying to convince your boss that you were just joking ... well, that may be a bigger challenge.

Read more
This TP-Link Wi-Fi 6 router is 45% off in early Prime Day deal
The TP-Link AX1800 Archer AX21 Wi-FI 6 Router on a white background.

If you're planning to buy a new router to improve your home's Wi-Fi network, the good news is that you don't have to wait for Prime Day 2025 to take advantage of huge discounts on router deals from Amazon. Here's an excellent offer — the TP-Link Archer AX21 with an eye-catching 45% discount, which drops its price from $100 to just $55. The $45 in savings will only be available for a limited time though, so you better act fast and proceed with your purchase immediately as this early Prime Day deal may disappear at any moment.

Buy Now

Read more
Watch these AI humanoid robots play soccer like Mbappé … sort of
Humanoid robots playing soccer.

Watching these humanoid robots battle it out on the soccer field, you quickly realize that Kylian Mbappé and his fellow professionals really have little to worry about. At least, for now.

The footage (top) was captured last week in Beijing at the RoBoLeague World Robot Soccer League, China's first-ever three-on-three humanoid robot soccer league.

Read more