How to fix CredSSP encryption oracle remediation

Method 1 – Group Policy

1、Open local group policy editor

clip_image001.png

2、Policy path: Computer Configuration -> Administrative Templates -> System -> Credentials Delegation

Setting name: Encryption Oracle Remediation

image.png

3、Enable encryption oracle remediation, and select vulnerable in protection level.

image.png

Method 2 – Registry

1、Create a text file, input the following code, save the text file as a registry file, double click it and add it to registry.

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\CredSSP]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\CredSSP\Parameters]
"AllowEncryptionOracle"=dword:00000002
image.png
image.png

Method 3 – Command Prompt

1、Open a Command Prompt window as Administrator.

2、Run the following command to add a registry value:

REG ADD HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\CredSSP\Parameters\ /v AllowEncryptionOracle /t REG_DWORD /d 2

永久解决此问题

以上方案可以临时解决无法连接目标机器的问题,当更换新的电脑进行远程连接目标机器是,问题是依然存在的。

当更改以上设置连接到目标机器后,在目标机器上安装更新即可永久解决问题。

安装更新补丁,请打开以下地址,请根据目标机器的系统版本选择补丁进行安装。

https://msrc.microsoft.com/update-guide/zh-cn/vulnerability/CVE-2018-0886

Was this article helpful?

Related Articles