Some versions of the CredSSP protocol are vulnerable to an encryption oracle attack against the client. This policy controls compatibility with vulnerable clients and servers. This policy allows you to set the level of protection desired for the encryption oracle vulnerability.
Credssp Encryption Oracle Remediation Patch Download
After installing the Windows security updates that issued after May 2018, you may face the CredSSP encryption oracle remediation error during RDP connection to the remote Windows server or computer in the following cases: (adsbygoogle = window.adsbygoogle []).push();
Thus, if you have not installed cumulative security updates on your Windows RDS/RDP servers (computers) since March 2018, and May 2018 updates (or newer) were installed on RDP clients, then when you try to connect to RDS servers with an unpatched version of CredSSP an error appears: This could be due to CredSSP encryption oracle remediation.
Recently Microsoft found that a remote code execution vulnerability (CVE-2018-0886: encryption oracle attack) exists in CredSSP versions. An attacker who successfully exploits this vulnerability could relay user credentials to execute code on the target system. So any application that depends on CredSSP for authentication was vulnerable to this type of attack.
Microsoft provides a policy to control compatibility with vulnerable clients and servers. With the help of this policy, you can set the level of protection that you want for the encryption oracle vulnerability.
caa09b180b