I was received many reports of Remote Desktop connections failing in the United Arab Emirates. our clients received error messages like this when they tried to remote to machines they connected to successfully for a long time so i fix this error last week.
Introduction
The issue is Microsoft released a security update to address vulnerabilities for the Credential Security Support Provider protocol (CredSSP) used by Remote Desktop Protocol (RDP) connections for Windows clients and Windows Server. You will face the CredSSP encryption oracle remediation error if you have applications or services such as the Remote Desktop Connection that use CredSSP on an updated machine.
Note: CredSSP is an authentication provider which processes authentication requests for other applications. any application which depends on CredSSP for authentication may be vulnerable to this type of attack
Once you have installed the patch on a “vulnerable” workstation and attempt to connect to an unpatched server, you will see the following error message that happens after you type in your password to authenticate to the RDP session
Why is encryption oracle remediation missing?
Specifically a vulnerability in the Windows subsystem, Credential Security Support Provider protocol (CredSSP). This vulnerability applies to all modern versions of Windows Operating systems and allows for a remote code execution vulnerability. However, post patching this caused an issue where the patched clients were blocked from communicating with unpatched servers over RDP protocols. Let’s take a look at Windows RDP CredSSP encryption oracle remediation error fix
1 – Simply adjust the Remote Desktop settings on the host machine to a lower security level. From File Explorer, choose Computer, right-click and select Properties, then click Change Settings, and go to the Remote tab
Note: uncheck the option to Allow connections only from computers running Remote Desktop with Network Level Authentication (recommended)
2 – Enter run gpedit.msc to edit group policy, or from Windows start, enter Group Policy and select Edit Group Policy
3 – Navigate to the following path: Computer Configuration –> Administrative Templates –> System –> Credentials Delegation
4 – Select Encryption Oracle Remediation from the right pane (if it’s not there, it probably means your machine wasn’t patched)
5 – Edit the following setting: Encryption Oracle Remediation
6 – Set it to Enabled, and set the protection level to Vulnerable
CredSSP Encryption Oracle Remediation Policy Settings
There are three settings contained in the policy setting that can be enabled.
Force Updated Clients: This is the highest level of protection because it requires applying the update to all clients you are going to communicate with using CredSSP. Thus, do not choose this option before applying the update to all of your clients and servers.
Mitigated: This level blocks applications such as the Remote Desktop Connection to connect to servers that do not have the update. However, services that use CredSSP will work.
Vulnerable: This is the lowest level of protection. It will allow you to connect to servers remotely using RDP. However, it will expose the servers to attacks.
7 -Right-click Start, and then click Windows PowerShell
8 – In the Windows PowerShell window, type the following command, and then press Enter
gpupdate /force
Now try connecting to other system using RDP and you can now see the successful connection
CredSSP Encryption Oracle Remediation Registry Setting
Alternatively, you can set this policy setting via the registry and a reboot.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\CredSSP\Parameters] “AllowEncryptionOracle”=dword:00000002
Thanks for sharing such beautiful information with us.
I hope you will share some more info about Remote Desktop Services Remote .
Please keep sharing.
LikeLike
sure…
LikeLike