Saturday, June 02, 2018

Remote desktop connection authentication error due to “CredSSP encryption oracle remediation” #GDPR

In March, Microsoft released a security update to address vulnerabilities for the Credential Security Support Provider protocol (CredSSP) used by Remote Desktop Protocol (RDP) connections for Windows clients and Windows Server.

Previously, you were able to connect remotely from the updated machine to machines without the update. However, with the latest update released this May, Microsoft hardened security, and you can no longer connect to machines without the update.These might came in due to #GDPR

You will face the CredSSP encryption oracle remediation error if you have applications or services such as the Remote Desktop Connection that use CredSSP on an updated machine. Authentication will not work and you will get this error message:

Here is error message that is seen after recent windows update

2018-05-16_1444

The workable solution I found is to edit client Windows’ local group policy (gpedit.msc):2018-05-16_1504

Under Computer Configuration -> Administrative Templates -> System -> Credentials Delegation

Find setting “Encryption Oracle Remediation”. Its default value is “Not configured”. Just change it to “Enabled”, and set “Protection Level” as “Vulnerable”.

2018-05-16_1505

Now your remote desktop should be able to connect. Remember to revert the setting after you are done.

No comments:

Post a Comment