RDP Error: CredSSP encryption oracle remediation


The Credential Security Support Provider protocol (CredSSP) updates for CVE-2018-0886 patch, released on May 8th 2018, if applied make not possible to connect using RDP unless both endpoints have the patch applied.

The error will be:

An authentication error has occurred.

The function requested is not supported.

This could be due to CredSSP encryption oracle remediation.

For more information, see https://go.microsoft.com/fwlink/?linkid=866660

Best way to fix this is to patch both systems, but sometimes patching servers is not an easy task to do. There are some servers isolated from internet and this makes it difficult to update windows OS.


There is a workaround about this error.

Edit Group Policy

Open gpedit.msc from Start menu and navigate to Computer Configuration / Administrative Templates / System / Credentials Delegation

Double Click Encryption Oracle Remediation, click Enabled and select Protection Level to Vulnerable

Registry Editor

Another way to solve this problem is via Registry Editor

Open regedit.msc from Start Menu and navigate to: Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\CredSSP\Parameters

Double click AllowEncryptionOracle and change the value to 2 and click OK

Restart your computer to take effect.