diff --git a/src/port/pg_strong_random.c b/src/port/pg_strong_random.c
index 6be5874cbf..8199f89a37 100644
--- a/src/port/pg_strong_random.c
+++ b/src/port/pg_strong_random.c
@@ -28,10 +28,20 @@
 #include <openssl/rand.h>
 #endif
 #ifdef USE_WIN32_RANDOM
-#include <wincrypt.h>
+#if defined(_MSC_VER) && _MSC_VER >= 1900 \
+     && defined(MIN_WINNT) && MIN_WINNT >= 0x0600
+#define USE_WIN32_BCRYPTGENRANDOM
+#endif
 #endif
 
-#ifdef USE_WIN32_RANDOM
+#ifdef USE_WIN32_BCRYPTGENRANDOM
+#include <bcrypt.h>
+#ifndef STATUS_SUCCESS
+  #define STATUS_SUCCESS ((NTSTATUS)0x00000000L)
+#endif
+#elif USE_WIN32_RANDOM
+#include <wincrypt.h>
+
 /*
  * Cache a global crypto provider that only gets freed when the process
  * exits, in case we need random numbers more than once.
@@ -85,8 +95,9 @@ random_from_file(const char *filename, void *buf, size_t len)
  * We support a number of sources:
  *
  * 1. OpenSSL's RAND_bytes()
- * 2. Windows' CryptGenRandom() function
- * 3. /dev/urandom
+ * 2. Windows' BCryptGenRandom() function
+ * 3. Windows' CryptGenRandom() function
+ * 4. /dev/urandom
  *
  * The configure script will choose which one to use, and set
  * a USE_*_RANDOM flag accordingly.
@@ -139,6 +150,10 @@ pg_strong_random(void *buf, size_t len)
 	/*
 	 * Windows has CryptoAPI for strong cryptographic numbers.
 	 */
+#elif defined(USE_WIN32_BCRYPTGENRANDOM)
+	return (BCryptGenRandom(NULL, buf, len,
+                        BCRYPT_USE_SYSTEM_PREFERRED_RNG) == STATUS_SUCCESS);
+
 #elif defined(USE_WIN32_RANDOM)
 	if (hProvider == 0)
 	{