It is strongly suggested to use NLA in RDP in order to have a more stronger authentication method between the client and server parties.
NLA (also known as CredSSP) had its design flaws which were published in CVE-2018-0886.
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2018-0886
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0886
The fix for this CVE was published by Microsoft in the update IDd by KB4103715.
https://support.microsoft.com/en-us/help/4103715/windows-81-update-kb4103715
Registry settings defining client and server side's behavior with other parties depending on if the other half is installed the fix for the Encryption Oracle Remediation is described in this Microsoft KB: https://support.microsoft.com/en-us/help/4093492/credssp-updates-for-cve-2018-0886-march-13-2018
Our recommendation is to keep your systems up to date, and install the patches on both the server side and client side to fix this issue.
© 2024 One Identity LLC. ALL RIGHTS RESERVED. Terms of Use Privacy Cookie Preference Center