Short:
With the release of the May 2018 updates Microsoft is changing the default behavior of a setting from Vulnerable to Mitigated. This may affect applications that rely on CredSSP such as but not limited to RDP and WinRM.
What is happening:
Microsoft released a security update to fix a vulnerability with CredSSP back in March 2018. This update required companies and organizations to make a registry or GPO setting change to make the security risk go away. This provided companies to have some time in crafting a plan for their systems. Microsoft announced in April 2018 that the in May 2018 they would make a design change so the setting would be switched from Vulnerable to Mitigated by default.
Action Required:
Make sure you update all servers or where systems such as workstations are acting as the “server” first. Then patch workstations. Otherwise your client workstations may not be able to connect.
Additional Details:
https://support.microsoft.com/en-us/help/4093492/credssp-updates-for-cve-2018-0886-march-13-2018
https://blogs.technet.microsoft.com/askpfeplat/2018/05/07/credssp-rdp-and-raven
Leave a Reply