How to fix CredSSP error on RDP connections

If you are experiencing a problem connecting to an endpoint and encounter the CredSSP error shown below, this could be due to a missing Windows OS update that fixed the CredSSP vulnerability.

Please see below for a quick fix / workaround. This is only a workaround. It is best to make sure that both connecting endpoints and RDP hosts are fully patched in order to avoid this problem.



As a workaround, please use elevated CMD to apply below registry fix to either the connecting endpoint, the RDP host, or both. A reboot is not required after the registry fix.

REG ADD "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\CredSSP\Parameters" /v AllowEncryptionOracle /t REG_DWORD /d 2

MORE DETAILS: In March 2018, Microsoft released an update for this CredSSP vulnerability in Microsoft Windows. Essentially, Microsoft indicated that a remote code execution vulnerability exists in unpatched versions of CredSSP. An attacker who successfully exploits this vulnerability could relay user credentials to execute code on the target system. Any application that depends on CredSSP for authentication may be vulnerable to this type of attack.
Therefore, the long term solution to the above vulnerability is to update all systems as indicated by Microsoft. Please update all machines (connecting FROM, connecting TO, and server the TruGrid Sentry agent is installed onto) with the latest CredSSP Windows OS update and in general any pending Windows OS updates.

Updated on: 08/03/2023