Senator blasts Microsoft for making default Windows vulnerable to “Kerberoasting”


Wyden says default use of RC4 cipher led to last year’s breach of health giant Ascension.

A prominent US senator has called on the Federal Trade Commission to investigate Microsoft for “gross cybersecurity negligence,” citing the company’s continued use of an obsolete and vulnerable form of encryption that Windows uses by default.

“Because of dangerous software engineering decisions by Microsoft, which the company has largely hidden from its corporate and government customers, a single individual at a hospital or other organization clicking on the wrong link can quickly result in an organization-wide ransomware infection,” Wyden wrote in the letter, which was sent Wednesday.

“Microsoft’s continued support for the ancient, insecure RC4 encryption technology needlessly exposes its customers to ransomware and other cyber threats by enabling hackers that have gained access to any computer on a corporate network to crack the passwords of privileged accounts used by administrators,” Wyden wrote.

Read this on Ars Technica
