taoCMS是基于php+sqlite/mysql的国内最小(100Kb左右)的功能完善的CMS管理系统

Windows 10 RDP CredSSP Encryption Oracle Remediation Error Fix

2018-06-10

An authentication error has occurred.

The function requested is not supported

 

This could be due to CredSSP encryption oracle remediation.

For more information, see https://go.microsoft.com/fwlink/?linkid=866660

 

解决方案:

 

Win + R,输入gpedit.msc,参考截图进行操作



For those of you who may have recently installed security updates on Windows 10 workstations in the past few days, you may notice that you receive a peculiar error when trying to establish a remote desktop connection to a server that worked prior to installing the updates. The initial March 13, 2018, release updates the CredSSP authentication protocol and the Remote Desktop clients for all affected platforms. The CVE-2018-0886 consists of installing the update on all eligible client and server operating systems and then using Group Policy or registry settings to configure the options on both clients and servers. Let’s take a look at Windows 10 RDP CredSSP encryption oracle remediation error fix.

Windows 10 RDP CredSSP Encryption Oracle Remediation Error Fix

Just a couple of days ago, the cumulative updates were released below for Windows 10 and Server 2016, etc.  These cumulative updates include the fix for the CredSSP encryption vulnerability.

May 8, 2018 – KB4103721 (OS Build 1803)
May 8, 2018 – KB4103727 (OS Build 1709)
May 8, 2018 – KB4103731 (OS Build 1703)
May 8, 2018 – KB4103723 (OS Build 1609 & Server 2016)

Once you have installed the patch on a “vulnerable” workstation and attempt to connect to an unpatched server, you will see the following error message that happens after you type in your password to authenticate to the RDP session.

CredSSP-authentication-error-after-installing-May-8-2018-patch-Windows-10 Windows 10 RDP CredSSP Encryption Oracle Remediation Error Fix

CredSSP authentication error after installing May 8 2018 patch Windows 10

There is a local policy setting that is added with the installed security updates.  You can find this at Computer Configuration >> Administrative Templates >> System >> Credentials Delegation >> Encryption Oracle Remediation.  By default this is set to Not configured.

Windows-10-RDP-CredSSP-encryption-oracle-remediation-error-Fix Windows 10 RDP CredSSP Encryption Oracle Remediation Error Fix

Windows 10 RDP CredSSP encryption oracle remediation error Fix

To Fix the issue as a workaround, set the policy to Enabled and set the Protection Level to Vulnerable.  ***Note*** – This is not recommended by Microsoft, as making sure both the client and server is patched is best practice.  However, setting the policy to Vulnerable allows your workstation to now connect to the remote desktop session that was previously blocked by the mitigation.

Settings-contained-in-the-Encryption-Oracle-Remediation-Fix Windows 10 RDP CredSSP Encryption Oracle Remediation Error Fix

Settings contained in the Encryption Oracle Remediation Fix

CredSSP Encryption Oracle Remediation Policy Settings

There are three settings contained in the policy setting that can be enabled.

Force Updated Clients: Client applications which use CredSSP will not be able to fall back to the insecure versions and services using CredSSP will not accept unpatched clients. Note: this setting should not be deployed until all remote hosts support the newest version.

Mitigated: Client applications which use CredSSP will not be able to fall back to the insecure version but services using CredSSP will accept unpatched clients. See the link below for important information about the risk posed by remaining unpatched clients.

Vulnerable: Client applications which use CredSSP will expose the remote servers to attacks by supporting fall back to the insecure versions and services using CredSSP will accept unpatched clients.

类别:未分组 | 阅读:5368 | 评论:0 | 标签:

想收藏或者和大家分享这篇好文章→

公告

taoCMS发布taoCMS2.5Beta5(最后更新14年05月25日),请大家速速升级,欢迎大家试用和提出您宝贵的意见建议。

捐助与联系

☟请使用新浪微博联系我☟

☟在github上follow我☟

标签云

友情链接