Forum Discussion

Copper Contributor

Mar 14, 2026

Kerberos and the End of RC4: Protocol Hardening and Preparing for CVE‑2026‑20833

CVE-2026-20833 addresses the continued use of the RC4‑HMAC algorithm within the Kerberos protocol in Active Directory environments. Although RC4 has been retained for many years for compatibility wit...

admin

azure

identity and access management

identity protection

identity standards

Log Analytics

microsoft defender for identity

security

threat protection

aduser

Copper Contributor

Mar 23, 2026

So if we have msDS-SupportedEncryptionTypes attribute set to use RC4 on service accounts, computer accounts, and Domain Controllers it will be no impact even on July 2026?

jdomke1
Occasional Reader
Apr 13, 2026
That's the exact opposite of what I just read. RC4 is gone come July 2026 unless you decide not to patch your DCs.