CredSSP authentication error On Windows VPS
-
Tuesday, 10th July, 2018
-
16:24pm
A while back, Microsoft announced it would ship updates to both its RDP client & server components to resolve a critical security vulnerability. That rollout is now happening and many clients have received auto-updates for their client.
Clients are getting the following error -
we are hereby providing an Update/Solution.
Credential Security Support Provider protocol (CredSSP) is an authentication provider that processes authentication requests for other applications.
A remote code execution vulnerability exists in unpatched versions of CredSSP. An attacker who successfully exploits this vulnerability could relay user credentials to execute code on the target system. Any application that depends on CredSSP for authentication may be vulnerable to this type of attack.
This security update addresses the vulnerability by correcting how CredSSP validates requests during the authentication process.
For more information: CredSSP (https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2018-0886)
To resolve, kindly follow these steps:
-
Login to Windows Operating System through VNC Logins
-
Once you are logged in Windows OS, Go to “ Windows Update”
-
Update the Windows to upto present day.
-
Once the updates are installed, Restart the VPS.
-
Now you will be able to access the Windows VPS through “Remote Desktop Access”
