Remote Desktop Connection Error: CredSSP Encryption Oracle Remediation

by | May 30, 2018 | Blog, SQL Server | 0 comments

Remote Desktop Connection Error- CredSSP Encryption Oracle Remediation

Connection Error Details

Remote Desktop Connection Error

While attempting to make an RDP connection to another Windows client the following error may be encountered. Typically this error is encountered when attempting a connection to an Azure hosted client, it has also been encountered when attempting a connection to Windows Server 2012 client.

An authentication error has occurred.
The function requested is not supported

This could be due to CredSSP encryption oracle remediation

Cause

This error is due to a recent update to windows to resolve vulnerabilities in windows authentication. Specifically a vulnerability in the Windows subsystem, Credential Security Support Provider Protocol (CredSSP). This vulnerability applies to all modern versions of Windows Operating systems and allows for a remote code execution vulnerability.

Microsoft’s Security TechCenter contains information on all of the products affected and other important details on the vulnerability.

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0886

Also see the National Vulnerability Database article, CVE-2018-0886, released on 03/14/2018, for vulnerability details.

Workaround

Ensure that your windows environment has the latest updates applied.

Use group policy to change the Credential Delegation at the client.

  1. On the client run gpedit.msc, and then browse to Computer Configuration > Administrative Templates > System > Credentials Delegation in the navigation pane.
  2. Change the Encryption Oracle Remediation policy to Enabled, and then change Protection Level to Vulnerable.

Once the change is made in the group policy editor it is put into effect immediately. No restart was required to apply the change. Also changing the setting back to Not Configured does result in the error re-appearing.

The following Microsoft Article was released to cover this issue. While this article specifically calls out Azure clients, this has been encountered on non-Azure clients as well.

As always it is important to install the latest Windows Updates to prevent these types of vulnerabilities. It is recommended to check at least monthly for new updates if not done automatically.

Submit a Comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Share This