Network Security Internet Technology Development Database Servers Mobile Phone Android Software Apple Software Computer Software News IT Information

In addition to Weibo, there is also WeChat

Please pay attention

WeChat public account

Shulou

Remote Desktop error: due to CredSSP encryption oracle fix

2025-02-23 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Servers >

Share

Shulou(Shulou.com)06/02 Report--

The following error occurred when using windows for remote desktops:

According to official information, this problem was caused by the update of Windows on May 8, 2018 (CredSSP update for CVE-2018-0886). A remote code execution vulnerability in the unpatched version of CredSSP was previously fixed, but the update released on May 8 changed the default setting of encrypted Oracle Correction from vulnerable to mitigated updates.

Therefore, after installing this update, the patched client cannot communicate with the unpatched server by default, and the error prompt as shown in the figure above pops up.

Common solutions:

1. For patched clients

Through Group Policy (more convenient): run gpedit.msc Local Group Policy, select "computer configuration" > "Administrative templates" > "system" > "credential assignment" > "encryption Oracle Correction", select "enable" and select "vulnerable". If the group policy does not have an encryption Oracle correction, this computer has not been patched and updated.

Through the registry (for the home version of Windows without group policy): run the regedit registry, jump to the path: HKLM (abbreviated)\ Software\ Microsoft\ Windows\ CurrentVersion\ Policies\ System\ CredSSP\ Parameters, create your own if you don't have the corresponding table entry, create a new data with the type DWORD (32) bit and name "AllowEncryptionOracle" in the right column of the Parameters key, and finally restart the computer.

2. For unpatched servers

Modify remote settings (not recommended): run sysdm.cpl system properties, select remote, and uncheck only computer connections that are allowed to run remote desktops using network basic authentication (recommended).

Install update patch (recommended): most of the methods available online are to modify the reorganization policy on the client, but in fact, this method reduces the security of the computer, does not meet Microsoft's official expectations, and is not recommended for long-term settings. The best practice should be to install the appropriate security update package on unpatched computers, especially on enterprise servers. You can download and install the security update packages of Microsoft operating systems on May 8, 2018. The update packages corresponding to common system versions are listed below:

Windows 10 version 1703-KB4103731

Windows 8.1 and Windows Server 2012 R2-KB4103715

Windows 7 SP1 and Windows Server 2008 R2 SP1-KB4103712

Both the client and server need to be updated, otherwise Windows and third-party CredSSP clients may not be able to connect to Windows or third-party hosts. For conditions that cause the operation to fail, see the interoperability matrix below.

CredSSP protocol server

Guest

Households

End

Clients that are not patched and forced to update are vulnerable to * unpatched permission

Block clients that allow forced updates to allow mitigation to allow vulnerable to

Reference to the article:

CredSSP updates for CVE-2018-0886

Windows official Patch download Center

KB4103731-May 8, 2018-Windows 10 Historical updates

Windows 8.1 and Windows Server 2012 R2 update history

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.

Views: 0

*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.

Share To

Servers

Wechat

© 2024 shulou.com SLNews company. All rights reserved.

12
Report