333
313 38601SSL/TLS use of weak RC4 cipher -- not sure how to FIX the problem. It doesn't seem like a MS patch will solve this.
- Windows 2012 R2 Reg settings applied (for a Windows 2008 R2 system) and this problem is no longer seen by the GVM scanner BUT, THESE REGISTRY SETTINGS DO NOT APPLY
TO WINDOWS 2012 R2.
Does this update apply to Windows 8.1, Windows Server 2012 R2, or Windows RT 8.1?
No. This update does not apply to Windows 8.1, Windows Server 2012 R2, or Windows RT 8.1 because these operating systems already include the functionality to restrict
the use of RC4.
https://technet.microsoft.com/en-us/library/security/2868725.aspx
So, how to you disable RC4 on Windows 2012 R2????? Anyone know?
For security-specific questions like this, I recommend the dedicated security forum:
https://social.technet.microsoft.com/Forums/en-US/home?forum=winserversecurity
This topic (Disabling RC4) is discussed several times there.
Also, note that
Advisory 2868725 and
KB 2868725 both explain that the ability to restrict/disable RC4, is different from
actively/actually restricting/disabling RC4. More information here:
https://support.microsoft.com/en-au/kb/245030
First, apply the update if you have an older OS (WS2012R2 already includes the ability).
Second, apply the relevant registry keys, to all OS versions, to actively/actually disable RC4.
If you only apply the update (to an older OS), or, you already have WS2012R2, this does not disable RC4 - you must have both the necessary binary files *AND* also set the registry keys.
So, to answer your question : "how to you disable RC4 on Windows 2012 R2?" - the answer is: set the relevant registry keys.