Quick Fix for RDP Error Involving CredSSP After Windows Update for CVE-2018-0886
Posted by Tyler Evans on 11 May 2018 09:08 PM
Credential Security Support Provider protocol (CredSSP) is an authentication provider that processes authentication requests for other applications.

The Windows update for CVE-2018-0886 patches a vulnerability in CredSSP, but it prevents connections from or to systems that are not patched if one of the systems is patched. Trying to connect to an unpatched system produces the following error:


There are two workarounds for this error:

1. Add a registry key to get past CredSSP (use for Win10 Home)
   - Open cmd as admin and enter:
     reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\CredSSP\Parameters" /f /v AllowEncryptionOracle /t REG_DWORD /d 2

2. Use Group Policy (use for Pro or Enterprise editions of Windows)
   - Computer Configuration -> Administrative Templates -> System -> Credentials Delegation -> Encryption Oracle Remediation
   - Set it to Enabled and, under Protection Level, change it back to Vulnerable
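
Both workarounds set the same AllowEncryptionOracle value, so the following added example (not part of the original article) reads that value, reports the protection level it corresponds to, and provides a way to delete the override once both ends of the connection are patched. The function names are hypothetical; the value meanings (0, 1, 2) are those Microsoft documents for the Encryption Oracle Remediation policy.

```powershell
# Added example, not from the original article.
# Run in an elevated PowerShell session on the machine where the workaround was applied.
$Path = 'HKLM:\Software\Microsoft\Windows\CurrentVersion\Policies\System\CredSSP\Parameters'
$Name = 'AllowEncryptionOracle'

# Documented meanings of the AllowEncryptionOracle DWORD.
$Levels = @{ 0 = 'Force Updated Clients'; 1 = 'Mitigated'; 2 = 'Vulnerable' }

# Hypothetical helper: report the currently configured protection level.
function Get-CredSspProtectionLevel {
    $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($null -eq $item) {
        return 'Not set (operating system default applies)'
    }
    $value = [int]$item.$Name
    if ($Levels.ContainsKey($value)) {
        return "$value ($($Levels[$value]))"
    }
    return "$value (unrecognized value)"
}

# Hypothetical helper: delete the override so the operating system default applies again.
function Remove-CredSspWorkaround {
    $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($null -ne $item) {
        Remove-ItemProperty -Path $Path -Name $Name
    }
}

"Current CredSSP protection level: $(Get-CredSspProtectionLevel)"

# After the CVE-2018-0886 update is installed on both the client and the server:
# Remove-CredSspWorkaround
```

If the value was set through Group Policy (workaround 2), change the policy setting itself rather than deleting the registry value, because a policy refresh writes it back.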
