In March, Microsoft released a security update to address vulnerabilities for the Credential Security Support Provider protocol (CredSSP) used by Remote Desktop Protocol (RDP) connections for Windows clients and Windows Server.
Previously, you were able to connect remotely from the updated machine to machines without the update. However, with the latest update released this May, Microsoft hardened security, and you can no longer connect to machines without the update.These might came in due to #GDPR
You will face the CredSSP encryption oracle remediation error if you have applications or services such as the Remote Desktop Connection that use CredSSP on an updated machine. Authentication will not work and you will get this error message:
Here is error message that is seen after recent windows update
The workable solution I found is to edit client Windows’ local group policy (gpedit.msc):
Under Computer Configuration -> Administrative Templates -> System -> Credentials Delegation
Find setting “Encryption Oracle Remediation”. Its default value is “Not configured”. Just change it to “Enabled”, and set “Protection Level” as “Vulnerable”.
Now your remote desktop should be able to connect. Remember to revert the setting after you are done.
No comments:
Post a Comment