CVE-2018-0886: Microsoft Security Update CredSSP affecting RDP Access | HostStage .

CVE-2018-0886: Microsoft Security Update CredSSP affecting RDP Access

CVE-2018-0886: Microsoft Security Update CredSSP affecting RDP Access

  • 10 May 0
CVE-2018-0886-remote-desktop-access-min
Did you like what you read?Share on Facebook
Facebook
0Share on Google+
Google+
0Tweet about this on Twitter
Twitter
0Share on LinkedIn
Linkedin
Share on Reddit
Reddit
0Digg this
Digg
Buffer this page
Buffer

On the 8th of May, Microsoft finalized an update which started in March 13th by changing the authentification protrocol of the remote desktop sessions.

They rolled the final update by disabling the former CREDSSP protocol since an exploit was discovered. (CVE-2018-0886)

The exploit allowed to execute remote code a remote system through the logins details provided in a regular remote desktop session.

A hacker could therefore gain access to the remote desktop data, programs or even create/ disable new accounts.

Since, yesterday the patch not only patched the security issue by completely changed the authentification protocol and disabled the CREDSSP one by default.

The issue is that if you haven’t updated your Windows VPS (remote desktop server), you wouldn’t be able to access your VPS any longer and you should see the following message:

An Authentification error has occurred.

The Function requested is not supported

Remote computer: *IP ADDRESS*

This could be due to CredSSP encryption oracle remediation.

For more information, see https://go.microsoft.com/fwlink/?linkid=866660

Remote Desktop Connection CredSSP Error

In order to retrieve the usual access to your Windows VPS / Remote Desktop Access you would need to follow the steps below:

  1. Open a Command Prompt using Administrator Rights (right click on the cmd.exe, select execute as administrator)
  2. Paste the following commands into your command prompt and hit enter

reg add “HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\CredSSP\Parameters” /f /v AllowEncryptionOracle /t REG_DWORD /d 2

 

It will revert the modification made automatically with the latest automatic Windows Update and you should be able to access your remote desktop again.

Giving how critical this vulnerability is, we warmly invite you to perform all the Windows updates in order to patch the current security issue which is considered as highly critical and put your Windows VPS at risk.

Once you have run the update and your Windows VPS has been restarted, your VPS is patched and if you allow a remote desktop access to your computer, you would need to revert the change made by typing in the command prompt with elevated privileges the following:

reg add “HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\CredSSP\Parameters” /f /v AllowEncryptionOracle /t REG_DWORD /d 1

Hit enter.

Did you like what you read?Share on Facebook
Facebook
0Share on Google+
Google+
0Tweet about this on Twitter
Twitter
0Share on LinkedIn
Linkedin
Share on Reddit
Reddit
0Digg this
Digg
Buffer this page
Buffer

Leave A Comment


Join Us on Facebook

Our Latest Tweets

  • 1 month ago

    @Galukxy  What is the reason of your website suspension? It could be something we could help you with actually

  • 4 months ago

    The Ultimate List: 57 Online Local Business Directories https://t.co/HATo96qXrw #localseo #Leadgeneration… https://t.co/HUz7sXscHz

  • 4 months ago

    21 of the Best #Facebook Pages We've Ever Seen https://t.co/Kz0o3jhuWS #FacebookMarketing #SMM #socialmedia https://t.co/nFOwpvtGMs

  • 4 months ago

    How to Make the Right Landing Page Rank: A Complete #SEO Checklist https://t.co/PaAye3CJCd #DigitalMarketing https://t.co/vTsj6sXEpu

  • 4 months ago

    30 Crazy #SocialMedia Facts That Might Change How You Think About Marketing https://t.co/hmEK7QuAnM #SMM #marketing https://t.co/mUlSRX8itV