When you try to connect through RDP to remote machines, you may get the following error message:
An authentication error has occurred.
The function requested is not supportedRemote computer: <xxx.xxx.xxx.xxx>
This could be due to CredSSP encryption oracle remediation.
For more information, see https:/go.microsoft.com/fwlink/?linkid=866660
The Microsoft Security patch issued on Tuesday, May 8th requires remote connections at the highest security level. More information here: https://support.microsoft.com/en-us/help/4093492/credssp-updates-for-cve-2018-0886-march-13-2018. So you are probably trying to connect to a patched machine from an unpatched machine. If you can’t patch both machines, you can use the following workaround using GPO.
Note: If you work in a workgroup, you can enable this setting using Local Group Policy Editor.
Navigate to the following path:
- Computer Configuration
- Administrative Templates
- System
- Credentials Delegation and select Encryption Oracle Remediation
Select Enabled and Vulnerable
Vulnerable: Client applications which use CredSSP will expose the remote servers to attacks by supporting fall back to the insecure versions and services using CredSSP will accept unpatched clients.
It is not suggested as a long-term fix, so please note that you must update all your machines!
Thanks for reading! You can follow me on Twitter @PrigentNico
