Fixed: CredSSP Encryption Oracle Remediation on Windows Server 2016, 2022

If you happen to encounter the CredSSP Encryption Oracle Remediation on Windows Server 2016 and 2022, fret not. This post offers you two tested solutions to address the issue.

Ellie

By Ellie / Updated on December 13, 2024

Share this: instagram reddit

What is Remote Desktop error due to CredSSP encryption?

 

I’m trying to make a remote desktop (RDP) connection to the server from the local client (Windows Server 2016) and only receive the following error message. It says that this is an authentication error and could be due to CredSSP encryption oracle remediation. What does this mean and how can I solve it?”

- Question from Server Fault

CredSSP Encryption Oracle Remediation

What causes CredSSP encryption oracle remediation on Windows Server 2016 and 2022?

The Server 2016 CredSSP encryption oracle remediation is a security feature introduced by Microsoft to address a vulnerability in the Credential Security Support Provider (CredSSP) protocol. This vulnerability, identified as CVE-2018-0886, could potentially allow an attacker to execute remote code on a target system through a man-in-the-middle (MITM) attack.

The CredSSP protocol is used in Windows operating systems to enable secure authentication and communication in various scenarios, including Remote Desktop Protocol (RDP) and Windows Remote Management (WinRM). The vulnerability arises from the way CredSSP handles authentication requests during the initial connection setup.

Here's a simplified explanation of what causes the CredSSP encryption oracle remediation:

  • Vulnerability Exploitation: The vulnerability allows an attacker to intercept and manipulate the authentication process between a client and server using CredSSP. This manipulation could lead to the execution of malicious code on the target system.
  • Encryption Oracle Attack: The term "encryption oracle" refers to a system that can be queried to decrypt data. In this context, the vulnerability allows an attacker to coerce the targeted system into acting as an encryption oracle, revealing sensitive information that could be exploited to carry out unauthorized actions.
  • Security Update: In response to the identified vulnerability, Microsoft released a security update to remediate the issue. The CredSSP encryption oracle remediation involves changes to the protocol's behavior to enhance security and prevent potential exploitation.

How to fix CredSSP encryption oracle remediation on Windows Server 2016 and 2022 [3 methods]

Here in this part, we provide you with two solutions to fix CredSSP encryption oracle remediation on Windows Server 2016 and 2022.

Method 1. Install CredSSP updates by using Azure Serial console

To fix CredSSP encryption oracle remediation RDP on Windows Server 2016 and 2022, install CredSSP updates on both the client and server. This ensures a secure establishment of Remote Desktop Protocol (RDP).

Step 1. Log in to the Azure portal, go to "Virtual Machine," and select your VM.

Step 2. Scroll down to the Help section, click on "Serial console."

CMD Available

Step 3. Type "cmd" to open a CMD instance.

Step 4. Type "ch -si 1" to switch to the CMD channel.

Run CMD Instance

Step 5. Press Enter, enter your admin login credentials.

Step 6. After login, the CMD instance opens for troubleshooting.

Windows System

Step 7. Type "PowerShell" to initiate it.

Step 8. Execute the Serial console script for your VM's OS. This script downloads and installs an update, addressing the issue, and restarts the VM.

Method 2. Configure the Group Policy setting

If applying the CredSSP update is not possible, or if it's not an immediate option, you can temporarily configure the Group Policy setting.

Step 1. On the client, press Win + R to open the Run dialog box. Then type in “gpedit.msc” and press OK.

Local Group Policy Editor Window

Step 2. Navigate here: Computer Configuration > Administrative Templates > System > Credentials Delegation. Then find Encryption Oracle Remediation policy on the right pane.

Encryption Oracle Remediation

Step 3. Double-click it to edit it. Change it to Enabled, and then change Protection Level to Vulnerable.

Encryption Oracle Remediation Protection Level

Method 3. Edit the Registry setting

Another temporary solution to bypass the "This could be due to CredSSP encryption oracle remediation" error is to modify the "AllowEncryptionOracle" registry value to 2 (Vulnerable).

 Step 1. Click Start, find Windows System, and expand it. Right-click Command Prompt, select More, and click Run as administrator.

Run the Command Prompt

Step 2. Run the following command to add a registry value:

REG ADD HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\CredSSP\Parameters\ /v AllowEncryptionOracle /t REG_DWORD /d 2

Encryption Oracle Remediation Registry

AnyViewer: Free remote desktop software without authentication error

If you've encountered the CredSSP encryption oracle remediation error and are looking for a reliable Remote Desktop alternative, AnyViewer is a great option. It is one of the best free remote desktop software that provides a secure and efficient way to remotely access and control your computer or another person's computer.

Here are some security measures taken by AnyViewer:

  • End-to-End Encryption: AnyViewer employs robust end-to-end encryption to ensure that your remote sessions are secure. This means that your data is protected from unauthorized access during transmission, providing a high level of privacy and security.
  • Secure Login Options: AnyViewer offers secure login methods, adding an extra layer of protection to your remote sessions. This helps prevent unauthorized access and enhances the overall security of your remote connections.
  • Two-Factor Authentication: Enhance your account security by enabling Two-Factor Authentication with AnyViewer. 2FA adds an extra step to the login process, requiring a second form of verification, such as a code from your mobile device, to ensure that only authorized users can access your remote sessions.
  • Regular Updates & Patches: AnyViewer is committed to maintaining a secure platform. Regular updates and patches are released to address any potential vulnerabilities, ensuring that the software stays resilient against evolving security threats.
  • Trusted by Businesses: AnyViewer is widely used remote desktop software for businesses globally, including in industries with strict security requirements. Its reputation for security and reliability makes it a trusted choice for professional use.

Step 1. Download, install, and launch AnyViewer on both devices.

Download Freeware Win PCs & Servers
Secure Download

 Step 2. Go to Log in, and then click Sign up. (If you already have signed up on its official website, you can log in directly.)

Log in AnyViewer

Step 3. Then you can see you successfully logged in to AnyViewer. Your device will automatically be assigned to the account you've logged in to. Log in to the same AnyViewer account on another computer.

Free Editions

Step 4. On the local device, choose the remote computer and then click One-click control to achieve unattended remote access.

Connect to My Devices

✍Note: If you want to assign more devices to achieve unattended remote access, then you can upgrade your account to a Professional or Enterprise plan. Also, you can connect to another computer in privacy mode, which means you can black the screen and block the mouse and keyboard of the remote computer.

Conclusion

This post outlines three methods to address the Remote Desktop CredSSP encryption oracle remediation on Server 2016 and 2022. Alternatively, you can avoid authentication errors by opting for an RDP alternative, such as AnyViewer. For free, user-friendly, and reliable remote desktop software, consider giving it a try.