I found out this is a known resultant due to a windows patch. Until our server tin last patched amongst the latest windows updates, the entirely fashion you lot tin remote to the server is inwards this noesis base of operations article: https://blogs.technet.microsoft.com/mckittrick/unable-to-rdp-to-virtual-machine-credssp-encryption-oracle-remediation/
This is the easiest fashion to mitigate it from the article:
If it is non possible to access to Local Group Policy Editor on the customer (i.e. Windows Home versions), same alter tin last done through the registry:
REG ADD HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\CredSSP\Parameters\ /v AllowEncryptionOracle /t REG_DWORD /d 2
After that, whether the established RDP session is secure or non depends on whether server is patched. Remember to un-do this when all the servers are patched.
https://mail.google.com/mail/u/0/?zx=chpd5jsp8x2z#inbox/164d14eaa238060b
This is the easiest fashion to mitigate it from the article:
If it is non possible to access to Local Group Policy Editor on the customer (i.e. Windows Home versions), same alter tin last done through the registry:
REG ADD HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\CredSSP\Parameters\ /v AllowEncryptionOracle /t REG_DWORD /d 2
After that, whether the established RDP session is secure or non depends on whether server is patched. Remember to un-do this when all the servers are patched.
https://mail.google.com/mail/u/0/?zx=chpd5jsp8x2z#inbox/164d14eaa238060b
