Update for disabling RC4 - (2868725)ID: oval:org.secpod.oval:def:16101 | Date: (C)2013-11-29 (M)2022-10-10 |
Class: PATCH | Family: windows |
The host is missing a security update according to Microsoft advisory, 2868725. The update is required to remove RC4 as an available cipher on affected systems through registry settings. The flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow an attacker to perform man-in-the-middle attacks and recover plaintext from encrypted sessions.
Platform: |
Microsoft Windows 7 |
Microsoft Windows 8 |
Microsoft Windows Server 2008 R2 |
Microsoft Windows Server 2012 |