Skip to content
  •   Saturday, February 4, 2023
  • Advertise
  • Contact us
Yeah Hub

Yeah Hub

Kali Linux Tutorials | Tech News | SEO Tips and Tricks

  • Home
  • Tutorials
    • Kali Linux Tutorials
    • Metasploit Tutorials
    • Wireless Hacking
    • Android Hacking
    • PHP Tutorials
  • CTF Challenges
  • Q&A
    • CEHv11 – MCQ
    • CEHv10 – MCQ
    • CEHv9 – MCQ
    • Linux MCQ
    • Infosec Q&A
    • HTML Q&A
    • Wireless Q&A
    • Abbrevations
  • Contact us
  • Home
  • Tutorials
  • RDP – CredSSP Encryption Oracle Remediation Solution 2020
Tutorials

RDP – CredSSP Encryption Oracle Remediation Solution 2020

3 years ago
Nancy Culbreth

Microsoft recently fixed RCE (Remote Code Execution) Vulnerability in CredSSP in March Updates of Windows. CredSSP (Credential Security Support Provider Protocol) is a security protocol that lets applications delegate user’s NTLM or kerbros credentials from clients to servers for remote authentication over TLS channel.

This vulnerability could allow a MITM attack where user credentials are relayed and used to run code on the remote system against an RDP session.

In recent update, Windows 10 users are facing the following CredSSP error due to a vulnerability that allows an attacker to run arbitrary code execution against an running RDP Session.

According to Microsoft – “Mitigation consists of installing the update on all eligible client and server operating systems and then using included Group Policy settings or registry-based equivalents to manage the setting options on the client and server computers. We recommend that administrators apply the policy and set it to “Force updated clients” or Mitigated on client and server computers as soon as possible. These changes will require a reboot of the affected systems.”

This vulnerability has been fixed in latest update of Windows but many users are facing the above error while logging into remote system using RDP. This is because, either your OS has not updated to latest or the system that the user intends to connect is not fully updated which reflects the CredSSP error and displays a message to the user “An authentication error has occurred. The function requested is not supported. This could be due to CredSSP encryption oracle remediation.”

With Local Group Policy Editor, you can easily fix this error. Open the Group Policy Editor by typing “gpedit.msc” in your RUN command.

Navigate to “Administrative Templates” -> “System” -> “Credentials Delegation” under Computer Configuration.

Right click on “Encryption Oracle Remediation” settings and choose EDIT.

Now choose “Enabled” button and choose the protection level to “Vulnerable” as shown below:

Click Apply and then OK to fix CredSSP Encryption Oracle Remediation Error. Once you apply above changes, your RDP will work properly without any error.

Encryption Oracle Remediation policy offers 3 available values to protect against CredSSP vulnerability: Force

  • Updated Clients – the highest protection level when the RDP server blocks the connection from non-patched clients. Usually, this policy should be enabled after you have completely updated the entire infrastructure and added the latest security updates to the Windows install images for servers and workstations.
  • Mitigated – in this mode, an outgoing remote RDP connection to RDP servers with a vulnerable version of CredSSP is blocked. However, other services using CredSSP work fin.
  • Vulnerable – the lowest level of protection when connecting to an RDP server with a vulnerable version of CredSSP is allowed.

In case, if you don’t have Group Policy Editor (In case of Windows 10 Home Editions), then the same can be done with the help of Registry Editor that allows RDP connection to servers with unpatched version of CredSSP.

Step 1 – Press WIN+R keys together to launch RUN dialog box. Now type regedit and press Enter. It’ll open Registry Editor.

Step 2 – Now go to following key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System

Step 3 – Create a new key under System key and set its name as CredSSP

Step 4 – Create another new key under CredSSP key and set its name as Parameters

Step 5 – Now select Parameters key and in right-side pane create a new DWORD AllowEncryptionOracle and set its value to 2.

Restart your computer to take effect.

Furthermore, if you update your windows in both level i.e. at Client Side and at Server level, then this error will go away. All third-party clients or servers must use the latest version of the CredSSP protocol. Please contact the vendors to determine if their software is compatible with the latest CredSSP protocol.

Nancy Culbreth
Nancy Culbreth

Step by step hacking tutorials about wireless cracking, kali linux, metasploit, ethical hacking, seo tips and tricks, malware analysis and scanning.

Tags: CREDSSP Error, CredSSP Error Solution, CredSSP Error Solution Yeahhub, May RDP Error, May Windows Update Error, May Windows Update Error Solution, RDP Cred Error, RDP Error, RDP Error Solution, RDP Login Error, RDP Windows Error, Remote Desktop Protocol Error, Windows RDP Error, Yeahhub RDP Solution Free

Post navigation

5 Best Instagram Hacking Apps without Password
Make videos with Instagram Video Editor and video maker

No.1 Best Web Hosting


DomainRacer Web Hosting

Yeahhub’s Best Stuff

Kioptrix All Levels CTF Challenges Certified Ethical Hacker Questions CEHv9

Online Safety Quiz Yeahhub

CISSP Question Bank MCQ

DOS Attack Types

Information Security Abbreviations

Python Built-in Functions

OVER 1000+ INFORMATION SECURITY Q&A

Useful Linux Commands

Wireless Networking Questions

Related Posts

Tutorials

5 Windows 10 Features: How to Use Them

1 year ago
Nancy Culbreth
Tutorials

Some Useful PowerShell Cmdlets

3 years ago
Nancy Culbreth
Tutorials

Create Free SSL Certificate – ZEROSSL.COM [2020 Tutorial]

3 years ago
Nancy Culbreth
Tutorials

Generate Self-Signed SSL Certificate with OPENSSL in Kali Linux

3 years ago
Nancy Culbreth

You Missed

Articles

The Power of the Web: A Short Guide to How the Internet Can Supercharge Your Business

2 hours ago
Nancy Culbreth
Articles

Big Eyes Coin, Waves, Stacks: Cryptocurrencies that Could Make You Huge Profits in 2023

9 hours ago
Nancy Culbreth
Articles

Finding the Best Wallet for Your Crypto Needs: What to Look For

1 day ago
Nancy Culbreth
Articles

How to Increase Your Chances of Winning a Progressive Jackpot

2 days ago
Nancy Culbreth

Disclaimer

Yeahhub.com does not represent or endorse the accuracy or reliability of any information’s, content or advertisements contained on, distributed through, or linked, downloaded or accessed from any of the services contained on this website, nor the quality of any products, information’s or any other material displayed,purchased, or obtained by you as a result of an advertisement or any other information’s or offer in or in connection with the services herein.

Recent Comments

  • trool on SSLKILL – Forced Man in the Middle Attack – Sniff HTTPS/HTTP
  • web root on Top 20 High Profile Creation Backlink Sites – 2018 Update
  • daebak on How to Download Wistia Videos without any Tool
  • Daniel on How to Download Wistia Videos without any Tool
  • ulong jep on Exploitation of EternalBlue DoublePulsar [Windows 7 – 64bit] with Metasploit Framework

Latest Articles

  • The Power of the Web: A Short Guide to How the Internet Can Supercharge Your Business February 3, 2023
  • Big Eyes Coin, Waves, Stacks: Cryptocurrencies that Could Make You Huge Profits in 2023 February 3, 2023
  • Finding the Best Wallet for Your Crypto Needs: What to Look For February 2, 2023
  • How to Increase Your Chances of Winning a Progressive Jackpot February 2, 2023

Newsletter

Copyright © All rights reserved | Theme by Mantrabrain