This article describes an update in which new TLS cipher suites are added and cipher suite priorities are changed in Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2. All new cipher suites operate in Galois/counter mode (GCM), and two of them offer perfect forward secrecy (PFS) by using DHE key exchange together with RSA authentication.
To enable this feature, install update 2919355. For more information about how to obtain this update rollup package, click the following article number to view the article in the Microsoft Knowledge Base:
2919355 Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2 Update April, 2014
Microsoft has confirmed that this is an update in the Microsoft products that are listed in the "Applies to" section.
For more information about cipher suites, go to the following Microsoft website:
PFS is a property of key-agreement protocols that makes sure that a session key derived from a set of long-term keys will not be compromised if one of the long-term keys is compromised in the future. For more information about PFS, go to the Wikipedia website.
Windows 8.1 Enterprise, Windows 8.1 Pro, Windows 8.1, Windows RT 8.1, Windows Server 2012 R2 Datacenter, Windows Server 2012 R2 Essentials, Windows Server 2012 R2 Foundation, Windows Server 2012 R2 Standard