![]() This policy controls compatibility with vulnerable clients and servers. ![]() Some versions of the CredSSP protocol are vulnerable to an encryption oracle attack against the client. This policy setting applies to applications that use the CredSSP component (for example, Remote Desktop Connection). Setting name: Encryption Oracle Remediation Policy path: Computer Configuration -> Administrative Templates -> System -> Credentials Delegation Use the interoperability matrix and group policy settings described in this article to enable an “allowed” configuration. Related Microsoft Knowledge Base numbers are listed in CVE-2018-0886.īy default, after this update is installed, patched clients cannot communicate with unpatched servers. May 8, 2018Īn update to change the default setting from Vulnerable to Mitigated. The Remote Desktop Client (RDP) update update in KB 4093120 will enhance the error message that is presented when an updated client fails to connect to a server that has not been updated. Pay close attention to Group Policy or registry settings pairs that result in “Blocked” interactions between clients and servers in the compatibility table later in this article. These changes will require a reboot of the affected systems. ![]() We recommend that administrators apply the policy and set it to “Force updated clients” or “Mitigated” on client and server computers as soon as possible. Mitigation consists of installing the update on all eligible client and server operating systems and then using included Group Policy settings or registry-based equivalents to manage the setting options on the client and server computers. The initial March 13, 2018, release updates the CredSSP authentication protocol and the Remote Desktop clients for all affected platforms.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |