For the last decade I have been using IISCrypto to neuter older and obsolete algorithms. I just apply the most recent PCI profile and restart.
Now granted, this program is unknown to many security professionals I talk to, which is why I mention it here: it works on all NT versions of Windows after Vista. Super-easy to restrict a system to the stronger and more secure algorithms.
For the last decade I have been using IISCrypto to neuter older and obsolete algorithms. I just apply the most recent PCI profile and restart.
Now granted, this program is unknown to many security professionals I talk to, which is why I mention it here: it works on all NT versions of Windows after Vista. Super-easy to restrict a system to the stronger and more secure algorithms.