pftq.com
Blabberbox » Remote Desktop Broken After Windows UpdateShare on Twitter

Remote Desktop Broken After Windows Update

May 10th, 2018 | Posted by pftq in Blabberbox | #
Tried to sign on to my remote workstation this morning only to get some error about "CredSSP encryption oracle mediation." It turns out my laptop installed Windows Updates overnight.  The below updates are what you'll want to uninstall and then restart to be able to use RDP again.  They're basically updates installed on 2018-05-09.
KB4103725
KB4103727
KB4338819 (July 2018)
KB4464218 (Sep 2018)
KB4462919 (Oct 2018)
KB4467702 (Nov 2018)

It looks like the issue is that both server and client need the updates installed to be able to connect (in other words, no backwards/legacy support).  Will be holding off on these updates until Microsoft fixes the compatibility issues, as I'm not inclined to install anything that might accidentally lock me out of my servers.

To permanently disable an update from being reinstalled each time you restart, see:
https://support.microsoft.com/en-us/help/3183922/how-to-temporarily-prevent-a-windows-update-from-reinstalling-in-windo

Update: Looks like there is a new way to keep the update and disable the CredSSP only:
https://blogs.technet.microsoft.com/mckittrick/unable-to-rdp-to-virtual-machine-credssp-encryption-oracle-remediation/
1. Run > gpedit.msc
2. Browse to Computer Configuration / Administrative Templates / System / Credentials Delegation in the left pane.
3. Change the Encryption Oracle Remediation policy to Enabled, and Protection Level to Vulnerable.
If you don't have gpedit.msc, install: https://www.deviantart.com/drudger/art/Add-GPEDIT-msc-215792914
484 unique view(s)

Leave a Comment

Name: (Have an account? Login or Register)
Email: (Won't be published)
Website: (Optional)
Comment:
Enter the code from image: