1 votePavel Rozenberg shared this idea ·
We are currently working on thisPavel Rozenberg commented
I agree! This is totally unacceptable for many organizations that are taking security seriously.
It is also very strange that Microsoft would release a security note and documentation alerting security teams of this protocol vulnerabilities and mitigation, but then implement it in a modern solution.
Here's a link to their docs page and KB explaining RC4 vulnerability and mitigation: