Settings or registry-based equivalents to manage the setting options Mitigation consists of installing the update on all eligible clientĪnd server operating systems and then using included Group Policy Protocol and the Remote Desktop clients for all affected platforms. The initial March 13, 2018, release updates the CredSSP authentication AnyĪpplication that depends on CredSSP for authentication may be An attacker who successfully exploits this vulnerabilityĬould relay user credentials to execute code on the target system. Just note that the first line varies depending on which Windows version you are using, so it might be a good idea to open regedit and export any rule just to see what's in the first line and use the same version in your file.Īlso, I am not concerned about degrading security in this particular situation becase I am connecting to an encrypted VPN and the host Windows does not have access to the internet and thus doesn't have the latest update.įile rd_patch.reg: Windows Registry Editor Version 5.00įor those who would like something easy to copy / paste into an elevated command prompt: reg add HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\CredSSP\Parameters /v AllowEncryptionOracle /t REG_DWORD /d 2 /fĬredential Security Support Provider protocol (CredSSP) is anĪuthentication provider that processes authentication requests forĪ remote code execution vulnerability exists in unpatched versions ofĬredSSP. Based entirely on Graham Cuthbert's reply I created a text file in Notepad with the following lines, and just double clicked it afterwards (which should add to Windows Registry whatever parameters are in the file).
0 kommentar(er)
