Why did Microsoft retire the 'RC4' cipher it had supported by default for 26 years?

Microsoft has finally decided to retire the RC4 cipher that has been enabled by default in Windows for 26 years. By removing this legacy algorithm, which has been a target of attacks for many years, it aims to fundamentally improve the security of Windows authentication.
Beyond RC4 for Windows authentication
https://www.microsoft.com/en-us/windows-server/blog/2025/12/03/beyond-rc4-for-windows-authentication
Microsoft will finally kill obsolete cipher that has wreaked decades of havoc - Ars Technica
https://arstechnica.com/security/2025/12/microsoft-will-finally-kill-obsolete-cipher-that-has-wreaked-decades-of-havoc/
RC4 is a 'stream cipher' designed by cryptographer Ron Rivest in 1987. It encrypts data one byte at a time by XORing it with a generated keystream, and because it was fast and easy to implement it was once used around the world as a key technology for securing communications.

However, the way Windows uses RC4 for authentication lacks protections that are standard in modern password-based cryptography. The Kerberos RC4 key is derived directly from the password with no salt and no key stretching, so an attacker who captures a ticket encrypted under that key can guess the password offline with relatively few resources and use the recovered credentials to gain administrator privileges. For this reason, many projects have abandoned RC4 as a weak cipher since around 2010.
In fact, in 2024 Ascension, a major US healthcare system, was hit by a Kerberoasting attack that exploited this weakness in RC4, resulting in the serious compromise of data belonging to about 5.6 million patients. Kerberoasting targets Kerberos authentication, the standard authentication protocol in Windows domains: an attacker requests service tickets and cracks them offline to recover service account passwords. When Microsoft introduced Active Directory in 2000, RC4 was the encryption type it adopted to support Kerberos authentication, and it has remained enabled ever since.
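The reason a Kerberoasted RC4 ticket is cheap to crack is the key derivation, not the cipher's keystream. The following is an added example, not code from the article or from Microsoft, that derives both long-term key types from a password and runs the attacker's offline guess loop against each. The realm, service account name, wordlist and victim password are constructed; the AES derivation stops after the PBKDF2 stage (the final RFC 3961 DK() step needs AES, which the standard library lacks, and does not change the per-guess cost).

```python
import hashlib
import struct

# Assumed sample values, constructed for this example (not from the article):
REALM = "CORP.EXAMPLE"          # Kerberos realm (AD domain name, upper case)
SERVICE_PRINCIPAL = "svc_sql"   # sAMAccountName of a Kerberoastable service account
PBKDF2_ITERATIONS = 4096        # RFC 3962 default, used by Active Directory for AES keys


def md4(data):
    """Pure-Python MD4 (RFC 1320). Included because hashlib's md4 is missing on
    many OpenSSL 3 builds; it is only needed to compute the NT hash below."""
    def lrot(x, n):
        return ((x << n) | (x >> (32 - n))) & 0xFFFFFFFF

    def F(x, y, z): return (x & y) | (~x & z)
    def G(x, y, z): return (x & y) | (x & z) | (y & z)
    def H(x, y, z): return x ^ y ^ z

    h = [0x67452301, 0xEFCDAB89, 0x98BADCFE, 0x10325476]
    msg = data + b"\x80"
    msg += b"\x00" * ((56 - len(msg) % 64) % 64)
    msg += struct.pack("<Q", len(data) * 8)
    for off in range(0, len(msg), 64):
        X = struct.unpack("<16I", msg[off:off + 64])
        a, b, c, d = h
        for i in range(16):                                   # round 1
            a = lrot((a + F(b, c, d) + X[i]) & 0xFFFFFFFF, (3, 7, 11, 19)[i % 4])
            a, b, c, d = d, a, b, c
        for i in range(16):                                   # round 2
            k = (i % 4) * 4 + i // 4
            a = lrot((a + G(b, c, d) + X[k] + 0x5A827999) & 0xFFFFFFFF, (3, 5, 9, 13)[i % 4])
            a, b, c, d = d, a, b, c
        for i in range(16):                                   # round 3
            k = (0, 8, 4, 12, 2, 10, 6, 14, 1, 9, 5, 13, 3, 11, 7, 15)[i]
            a = lrot((a + H(b, c, d) + X[k] + 0x6ED9EBA1) & 0xFFFFFFFF, (3, 9, 11, 15)[i % 4])
            a, b, c, d = d, a, b, c
        h = [(v + w) & 0xFFFFFFFF for v, w in zip(h, (a, b, c, d))]
    return struct.pack("<4I", *h)


def rc4_hmac_key(password):
    """Long-term key for Kerberos etype 23 (RC4-HMAC): the NT hash, i.e. one
    unsalted MD4 of the UTF-16LE password. The same password gives the same key
    in every domain, so guesses can be precomputed, and each guess costs one MD4."""
    return md4(password.encode("utf-16-le"))


def aes_key_stage1(password, realm, principal, keylen=32):
    """First stage of the etype 17/18 (AES) long-term key: PBKDF2-HMAC-SHA1 with
    a salt built from realm and principal name, 4096 iterations (RFC 3962).
    The real key additionally passes this output through RFC 3961 DK(), a single
    AES block operation omitted here because the stdlib has no AES."""
    salt = (realm + principal).encode("utf-8")
    return hashlib.pbkdf2_hmac("sha1", password.encode("utf-8"), salt,
                               PBKDF2_ITERATIONS, keylen)


def offline_guess(target_key, derive, wordlist):
    """The loop a Kerberoast cracker runs against a captured service ticket.
    Simplification: a real tool verifies each candidate by recomputing the
    ticket's HMAC under the candidate key; here the candidate key is compared
    with the victim key directly. The derivation cost per guess is the same."""
    for n, guess in enumerate(wordlist, 1):
        if derive(guess) == target_key:
            return guess, n
    return None, len(wordlist)


def compare_cost(victim_password, wordlist):
    """Crack the same password under both key types and report the work done.
    iterations_per_guess counts KDF iterations; for a 32-byte AES256 key PBKDF2
    runs those 4096 iterations once per 20-byte SHA-1 output block."""
    rc4_found, rc4_guesses = offline_guess(rc4_hmac_key(victim_password),
                                           rc4_hmac_key, wordlist)
    aes_target = aes_key_stage1(victim_password, REALM, SERVICE_PRINCIPAL)
    aes_found, aes_guesses = offline_guess(
        aes_target, lambda p: aes_key_stage1(p, REALM, SERVICE_PRINCIPAL), wordlist)
    return {
        "rc4": {"found": rc4_found, "guesses": rc4_guesses, "iterations_per_guess": 1},
        "aes": {"found": aes_found, "guesses": aes_guesses,
                "iterations_per_guess": PBKDF2_ITERATIONS},
    }


if __name__ == "__main__":
    # Constructed wordlist and victim password; a real list is millions of entries long.
    words = ["password", "Welcome1", "Summer2023!", "Summer2024!", "Winter2024!"]
    print(compare_cost("Summer2024!", words))
```

Both loops find the constructed password on the fourth guess; the difference is that every RC4 guess costs one MD4 while every AES guess costs thousands of HMAC-SHA1 iterations, and the salt means a table of precomputed AES keys for one account is useless against another. This is the gap that separates hashcat's RC4 Kerberoast mode (13100) from its AES256 mode (19700), and it is why the attack is so much cheaper as long as a service account can still be issued an RC4 ticket.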
A prominent US senator took the Ascension incident very seriously and harshly criticized Microsoft for leaving RC4 enabled for so long, calling it 'serious cybersecurity negligence', and called for an investigation by the Federal Trade Commission (FTC) in a letter (PDF file).

In response to these developments, Microsoft announced in December 2025 that it will disable RC4 by default for Kerberos on all domain controllers running Windows Server 2008 or later, with the change rolling out by mid-2026. Going forward, AES, which is said to be roughly 1,000 times harder to crack than RC4 in this setting, becomes the standard.
Steve Syfuhs, who leads the Windows Authentication team, said the difficulty of deprecating an algorithm that had been in Windows for a quarter century lay not so much in the algorithm itself as in the algorithm selection rules that had accumulated over 20 years of code changes. He added that continuous effort over the past decade has significantly reduced the use of RC4, finally giving Microsoft the flexibility to deprecate it.
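Before the default flips, an administrator wants to know which service accounts are still being issued RC4 tickets and what their msDS-SupportedEncryptionTypes attribute currently permits. The following is an added example, not code from the article or from Microsoft: it parses the message body of Security event 4769 (which records the ticket encryption type of every service ticket request), lists services still receiving RC4 or DES tickets, and decodes the attribute bits toward an AES-only target. The event bodies and attribute values are constructed samples; the real-world source is the Security log and Active Directory.

```python
import re
from collections import Counter

# "Ticket Encryption Type" values seen in Security event 4769 (RFC 3961 etype numbers).
ETYPE_NAMES = {
    0x01: "DES-CBC-CRC",
    0x03: "DES-CBC-MD5",
    0x11: "AES128-CTS-HMAC-SHA1-96",
    0x12: "AES256-CTS-HMAC-SHA1-96",
    0x17: "RC4-HMAC",
    0x18: "RC4-HMAC-EXP",
}
WEAK_ETYPES = {0x01, 0x03, 0x17, 0x18}

# Bits of the msDS-SupportedEncryptionTypes attribute on an AD account.
SUPPORTED_ENCTYPE_BITS = {
    0x01: "DES-CBC-CRC",
    0x02: "DES-CBC-MD5",
    0x04: "RC4-HMAC",
    0x08: "AES128-CTS-HMAC-SHA1-96",
    0x10: "AES256-CTS-HMAC-SHA1-96",
}
AES_ONLY = 0x18   # AES128 | AES256: the value to set once an account no longer needs RC4


def _event(account, service, etype_hex):
    """Build a 4769 message body in the shape the Security log renders (constructed sample)."""
    return (
        "A Kerberos service ticket was requested.\n\n"
        "Account Information:\n"
        f"\tAccount Name:\t\t{account}\n"
        "\tAccount Domain:\t\tCORP.EXAMPLE\n\n"
        "Service Information:\n"
        f"\tService Name:\t\t{service}\n\n"
        "Additional Information:\n"
        "\tTicket Options:\t\t0x40810000\n"
        f"\tTicket Encryption Type:\t{etype_hex}\n"
    )


# Constructed sample events (not real log data).
SAMPLE_EVENTS = [
    _event("alice@CORP.EXAMPLE", "svc_sql", "0x17"),
    _event("bob@CORP.EXAMPLE", "WEB01$", "0x12"),
    _event("carol@CORP.EXAMPLE", "svc_sql", "0x17"),
    _event("dave@CORP.EXAMPLE", "krbtgt", "0x12"),
    _event("eve@CORP.EXAMPLE", "svc_backup", "0x17"),
]
# Constructed attribute values; None models an account where the attribute is not set.
SAMPLE_ATTRIBUTES = {"svc_sql": None, "svc_backup": 0x1C, "WEB01$": 0x18, "krbtgt": 0x18}

_FIELD = re.compile(
    r"^\s*(Account Name|Service Name|Ticket Encryption Type):\s*(\S+)\s*$", re.M)


def parse_4769(body):
    """Pull the three fields that matter for an RC4 audit out of one event body."""
    fields = dict(_FIELD.findall(body))
    etype = int(fields["Ticket Encryption Type"], 16)
    return {"account": fields["Account Name"], "service": fields["Service Name"],
            "etype": etype, "etype_name": ETYPE_NAMES.get(etype, "unknown")}


def weak_tickets(bodies):
    """Every ticket that was issued with an RC4 or DES etype."""
    return [e for e in map(parse_4769, bodies) if e["etype"] in WEAK_ETYPES]


def services_still_on_rc4(bodies):
    """Service accounts that received weak tickets, with counts. These are the
    accounts (and their clients) to fix before RC4 is disabled by default."""
    return Counter(e["service"] for e in weak_tickets(bodies))


def decode_supported_enctypes(value):
    """Names of the etypes an msDS-SupportedEncryptionTypes value permits."""
    if not value:
        return []
    return [name for bit, name in SUPPORTED_ENCTYPE_BITS.items() if value & bit]


def allows_rc4(value):
    """True when the account can still be issued RC4 tickets. An absent or zero
    attribute has historically been treated by domain controllers as RC4."""
    if not value:
        return True
    return bool(value & 0x04)


def remediation_plan(bodies, supported_enctypes):
    """For each service seen using RC4, report its current attribute and the AES-only target."""
    plan = {}
    for service, count in services_still_on_rc4(bodies).items():
        current = supported_enctypes.get(service)
        plan[service] = {"rc4_tickets": count,
                         "current": decode_supported_enctypes(current),
                         "allows_rc4": allows_rc4(current),
                         "target": decode_supported_enctypes(AES_ONLY)}
    return plan


if __name__ == "__main__":
    for service, entry in remediation_plan(SAMPLE_EVENTS, SAMPLE_ATTRIBUTES).items():
        print(service, entry)
```

On a real domain controller the input comes from `Get-WinEvent -FilterHashtable @{LogName='Security'; Id=4769}` and the attribute from `Get-ADUser -Properties msDS-SupportedEncryptionTypes`; once a service's clients are confirmed to negotiate AES, `Set-ADUser -KerberosEncryptionType AES128,AES256` (or the equivalent on `Set-ADComputer` and `Set-ADServiceAccount`) writes the AES-only value. Note the two cases the plan separates: an account whose attribute explicitly includes the RC4 bit, and one whose attribute is simply unset, which the default change is meant to stop treating as RC4.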