Monday, June 25, 2018

Windows 10 RDP CredSSP Encryption Oracle Remediation Error

Description:
You have noticed that after installed recent security updates in windows 10 users face an error during remote desktop connection.

Procedure:
Just a couple of days ago, the cumulative updates were released below for Windows 10 and Server 2016, etc.  These cumulative updates include the fix for the CredSSP encryption vulnerability.

May 8, 2018 – KB4103721 (OS Build 1803)
May 8, 2018 – KB4103727 (OS Build 1709)
May 8, 2018 – KB4103731 (OS Build 1703)
May 8, 2018 – KB4103723 (OS Build 1609 & Server 2016)

Once you have installed the patch on a “vulnerable” workstation and attempt to connect to an unpatched server, you will see the following error message that happens after you type in your password to authenticate to the RDP session.













  • To Resolved this issue you need to configure security update in group policy in local system. 
  • You can find this at Computer Configuration >> Administrative Templates >> System >> Credentials Delegation >> Encryption Oracle Remediation.  By default, this is set to not configured.
  • To Fix the issue as a workaround, set the policy to Enabled and set the Protection Level to Vulnerable. This is not recommended by Microsoft, as making sure both the client and server is patched is best practice.  However, setting the policy to Vulnerable allows your workstation to now connect to the remote desktop session that was previously blocked by the mitigation.






No comments:

Post a Comment