Microsoft CVE-2018-0886 Changed CredSSP & Disabled RDP

On March 13, Microsoft released this very frustrating, secretive monster that is Windows Update CVE-2018-0886.

It doesn’t necessarily disable RDP, but if it hits you by surprise, it has the same effect. The problem is that it updates a virtually unknown setting that controls how some applications authenticate. It’s called the Credential Security Support Provider protocol (CredSSP). The problem is NOT with the update. Rather the issue is that there’s a mismatch of patching levels between your PC and the server/PC to which are trying to connect to using RDP.

The link above explains more about what it is and why it had to be locked down. Microsoft Support issued a KB article (KB 4093492) that helps give clues into how to get things working again until all the systems that you connect to are patched.

In order to get things working for me, I changed a Group Policy setting:

1. Open the Local Group Policy Editor
2. Follow the navigation in the screenshot
3. Open the Encryption Oracle Remediation item
4. Enable the setting
5. Set the Protection Level to “Vulnerable”
6. Click [OK]

Hope that helps someone.

How did you get around this little issue?

Author

Stewart Schatz

Career: Principal CNC Consultant for Syntax Systems Limited specializing Oracle JD Edwards EnterpriseOne and the technology that supports it. Side Hustle: Owner/Operator of E1Tips.com Location: Lancaster, PA USA  What I like to do: Invest in Family, Explore Technology, Lead Teams, Share Knowledge/Experience, Hunt, Hike, etc.

stewart@9rains.com

http://stewartschatz.com