Fixed: RDP “This could be due to CredSSP encryption oracle…” Encryption Oracle Remediation
In March 2018, Microsoft released a security update regarding the Credential Security Support Provider protocol (CredSSP) used by the Remote Desktop Protocol (RDP) connection between the Windows Client and Windows Server.
Fixed: RDP “This could be due to CredSSP encryption oracle…”
Invisibly this affects the Windows Remote Desktop application. When you open the Remote Desktop client to connect to a Windows Server or VPS you may encounter an error message about ‘CredSSP encryption oracle remediation error’ as shown below when trying to connect Remote Desktop to Windows Server:
An authentication error has occurred. The function requested is not supported Remote computer: XXX.XXX.XXX.XXX This could be due to CredSSP encryption oracle remediation. For more information, see https://go.microsoft.com/fwlink/?linkid=866660
Before, when this update was not available, it was easy for you to connect to a Windows server using RDP, but after Microsoft forced Windows Server to update a new patch, it was not easy for the client to connect to RDP Windows Server anymore. This situation occurs when an RDP connection is created between a party that has been patched (usually RDP Client) and a party that has not been patched (usually Windows Server).
Reason This could be due to CredSSP encryption oracle
This is due to security vulnerability CVE-2018-0886 | CredSSP Remote Code Execution Vulnerability. In March 2018 Microsoft released an update to address two issues:
Changed the way the CredSSP protocol authenticates requests during authentication.
Change the “Encryption Oracle Remediation” policy configuration from Vulnerable to Mitigated .
RDP authentication problems can arise when the local client and the remote Windows Server server differ in the “Encryption Oracle Remediation” configuration parameter that defines how to build an RDP session with CredSSP.
So there will be 3 cases as follows:
If the client side has automatically updated the patch, and makes an RDP connection to the Windows Server that has not been updated with the patch, the connection will be locked and the error will be displayed as above.
If the client side has not been patched, while Windows Server has updated the patch, RDP will still work. It’s just that the session is vulnerable.
If both the client side and windows server have updated the patch, then the RDP connection is completely secure with the new standard.
Handling InstructionsThis could be due to CredSSP encryption oracle
The best way to handle it is to update the new patch related to CredSSP on Windows Server and RDP Client. But if you want to be able to connect Remote Desktop to a Windows Server server that has not updated the CredSSP vulnerability patch, then on the Windows Client computer you can use the policy to lower the application protection level (policy). ) ‘Encryption Oracle Remediation’ downgrades to ‘Vulnerable’ through Group Policy.
– Open Local Group Policy Editor: type gpedit.msc into Start Menu
– Move to the policy path as follows: Computer Configuration > Administrative Templates > System > Credentials Delegation
– Click to configure the ‘Encryption Oracle Remediation’ policy.
– Enable ‘Enabled‘.
– Set ‘Protection Level’ to ‘Vulnerable’.
This could be due to CredSSP encryption oracle remediation Windows Server 2012,
This could be due to CredSSP encryption oracle remediation khi Remote Desktop,
This could be due to credssp encryption oracle remediation youtube,
encryption oracle remediation,
Encryption Oracle Remediation missing from group policy,
Encryption oracle remediation not found Windows Server,