Microsoft has been patching a vulnerability in RDP/CREDSSP with the patches released this month (May 2018) and previous month or two, and as of the May 8 updates, it requires BOTH the client systems and the Windows Servers to both have the security patches installed.
Mostly on Windows 7 and 10 we are facing this error when connecting to windows machine through RDP. This is due to security patch that is not applied on the server or on the client. Below is the URL for the security patch.
https://support.microsoft.com/en-us/help/4295591/credssp-encryption-oracle-remediation-error-when-to-rdp-to-azure-vm
To avoid this error without apply the security patch. Below are the following steps but it is not recommended
To set the protection level to Vulnerable via Group Policy, follow these steps:
- Winkey + R and execute gpedit.msc
- Computer Configuration > Administrative Templates > System > Credentials Delegation
- Edit the following settings: Encryption Oracle Remediation
- Set it to Enabled, and set the protection level to Vulnerable
Note: It will bypass the security issue as it become Vulnerable to the RDP/CREDSSP vulnerability so it is highly recommended to apply the security patch
Comments
Post a Comment
Please give your review or ask question ?