Remote Desktop error CredSSP Encryption Oracle Remediation

If you are accessing system by using RDP ( Remote Desktop Protocol ), so you must aware about this issue, which comes after windows update. 

What is CredSSP CVE-2018-0886 vulnerability?

CredSSP or Credential Security Support Provider protocol is a type of authentication provider that processes the authentication requests for different applications and is used by RDP and WinRM (Windows Remote Management).

The unpatched versions of the CredSSP has been found to contain a remote code execution vulnerability. If it is found and exploited by an attacker, can relay the user credentials to execute any code on the target system. Thus, any application that depends upon CredSSP for remote desktop connections is at maximum risk.

You can also see Microsoft KB for CVE-2018-0886 and other article

The error is found due to combination of the following reasons:

– An NLA (Network Level Authentication) is activated on the target computer.
– The target computer has not been patched for CVE-2018-0886.
– You probably enforced the Force updated clients or Mitigated parameters on source computer.
– Most commonly, the error message will appear when the RDP client has been patched with the latest Windows update, but the server you’re connected to has not downloaded the patch for the CredSSP vulnerability.

Now coming to point how to resolve this issue without doing any changes in setting or without any update. 

Here is explanation about same. 

You need to go to system option from control panel under system and security. After that click on Remote setting. In system properties under remote section uncheck the option ‘Allow connections only from computer running Remote Desktop with Network Level Authentication’.

However this is not good practice but this is temporary solution for this issue. You should update client Machine as well as server both to resolve and improve the security of your system which is mention here.