Disable RC4 Cipher Suites on Windows Remote Desktop (RDP)

By | January 24, 2014
Recently, I was scanning Windows system with Nessus ( a vulnerability scanner tool), Nessus show vulnerbilty in Windows Remote Desktop SSL. The Nessus advisory suggested to disable the RC4 cipher suites on RDP.

To fix this vulnerabiity, add following key into your registry:

Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSecurityProvidersSCHANNELCiphersRC4 128/128]
“Enabled”=dword:00000000
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSecurityProvidersSCHANNELCiphersRC4 40/128]
“Enabled”=dword:00000000
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSecurityProvidersSCHANNELCiphersRC4 56/128]
“Enabled”=dword:00000000

Once applies, restart your system and re-run the Nessus scan again.

One thought on “Disable RC4 Cipher Suites on Windows Remote Desktop (RDP)

Leave a Reply

Your email address will not be published. Required fields are marked *