May Windows Update breaks RDP

https://support.microsoft.com/en-au/help/4093492/credssp-updates-for-cve-2018-0886-march-13-2018

 

I had one user with this issue and on Windows Home Edition – so the machine don’t have GPO or Gpedit.

It didn’t had the Registry key, way to fix was creating the Registry key manually with value=2

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\CredSSP\Parameters]

"AllowEncryptionOracle"=dword:00000002

Group Policy path: Computer Configuration -> Administrative Templates -> System -> Credentials Delegation Setting name: Encryption Oracle Remediation

from Vulnerable to Mitigated on Client computers (Win 10, Win 7)

If the CredSSP patch has not been applied to the server, you will get an error and will not be able to connect. If applying the patch to the server (released March) is not possible the setting can be changed via GPO or local GPEDIT on client machines.

 

Obviously patching the server is the better option!

 

1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading...