Support Portal

            How to reverse the CredSSP Vulnerable State

            Applies to: Previously Modified Workstations

            Those who have taken steps to resolve the inability to login upon the release of the CredSSP patch from Microsoft following this article: Receiving Message: "An authentication error has occurred"
            Requirements for Method #1 and Method #2: Local Administrative Privileges
            Requirements for Method #1 , Method #2, and Method #3: Reboot Workstation

            Method #1: The Easy Way

            If the user has administrative privilege on their workstation, this would be the simplest way to revert the machine's security.
            • Download the CredSSP-Secure.reg file (Link to download on the bottom of this article)
            • Run the file, and allow it to merge with the registry
            • Reboot your computer
            • You're done.

            Method #2: The Harder Way

            Important This section, method, or task contains steps that tell you how to modify the registry. However, serious problems might occur if you modify the registry incorrectly. Therefore, make sure that you follow these steps carefully. For added protection, back up the registry before you modify it. Then, you can restore the registry if a problem occurs. For more information about how to back up and restore the registry, click the following article number to view the article in the Microsoft Knowledge Base:

            322756 How to back up and restore the registry in Windows

            • Open the Registry: Start > Run > regedit
            • Navigate to: HKLM/Software/Microsoft/Windows/CurrentVersion/Policies/system/CredSSP/Parameters
            • Double-click on the "AllowEncryptionOracle" key, and change the value from 2 to 1
            • Close regedit
            • Reboot your computer
            • You're done.

            Method #3: For IT Admins

            If this change was done globally to fix this via Group Policy:
            • Open the Group Policy in question
            • Navigate to: Computer Configuration > Administrative Templates > System > Credentials Delegation
            • Double click on "Encryption Oracle Remediation"
            • Change the value from "Vulnerable" to "Mitigation"
            • Deploy the policy
            • Note: The end user's workstations will require a reboot for this policy to take effect.

            Attachments (1)
            Help us to make this article better
            0 0