How to fix Encryption Oracle Remediation missing from group policy

encryption oracle remediation not found : How to fix Encryption Oracle Remediation missing from group policy. Error “CredSSP Encryption Oracle Remediation Error” in CredSSP security (Credential Security Support Provider Protocol) is a common error in Remote Desktop Protocol (RDP) connection between Window Client (personal computer) and Window Server (server). This is Microsoft feature security, however will throw an error if you are trying to establish RDP an insecure connection and the connection is blocked by installing Oracle encryption policy on the server or machine guest. This setting defines how to build an RDP instance using CredSSP and check if the RDP connection is secure. Therefore, after using Windows updated after March 2018, you may receive the message “CredSSP Encryption Oracle Remediation Error” when using the Remote Desktop feature. In this article, Macwintips will introduce you solutions for this error.
How to fix Encryption Oracle Remediation missing from group policy
How to fix Encryption Oracle Remediation missing from group policy
This could be due to CredSSP encryption oracle remediation.

How to fix the error This could be due to CredSSP encryption oracle remediation

Step 1: Press the key Windows + Rand typeregedit

 

Regedit
Step 2. Go to the path  HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Policies \ System, if not, create a CredSSP key by right-clicking on System, selecting New> Key
Create a new key
Name the key CredSSP

Step 3 : Inside the CredSSP key,  create more key  Parameters 

Add key Parameters inside the CredSSP key

Step 4:  In  Parameters  create  DWORD (32 bit) Value  and name it  AllowEncryptionOracle

Create a DWORD (32 bit) Value key named AllowEncryptionOracle

Step 5:  Double click on AllowEncryptionOracle  and enter  Value data  as  2

Double click on AllowEncryptionOracle  and enter  Value data  as  2

Complete the above steps exit Registry Editor and proceed to reconnect.

Good luck!

How to Fix This could be due to CredSSP encryption oracle remediation Error

Why is encryption oracle remediation not found?

This error is due to a recent update  (KB4093492) to windows to resolve vulnerabilities in windows authentication. Specifically a vulnerability in the Windows subsystem, Credential Security Support Provider protocol (CredSSP). This vulnerability applies to all modern versions of Windows Operating systems and allows for a remote code execution vulnerability. However, post patching caused an issue where the patched clients were blocked from communicating with unpatched servers over RDP protocols. Let’s take a look at the Windows RDP CredSSP encryption oracle remediation error fix.

Use group policy to change the Credential Delegation at the client

Use the group policy settings changes described below to roll back the changes to the ‘Vulnerable’ state to allow RDP access.

  • Press Windows + R, type gpedit.msc and ok
  • On the group policy, the editor window navigate the following path
  •  Computer Configuration > Administrative Templates > System > Credentials Delegation
  • Double click on the policy named “Encryption Oracle Remediation”
  • Here change the policy enabled,
  • Then change Protection Level to Vulnerable. (see image below)

Once the change is made in the group policy editor it is put into effect immediately. No restart was required to apply the change.

Now try to reconnect the RDP client check there is no more RDP authentication error “CredSSP encryption oracle remediation”.

Tweak Windows registry editor

If you are windows home basic user, you don’t have a group policy editor option to change the Credential Delegation at the client. But don’t worry you can apply the following registry tweak to fix the Windows RDP CredSSP encryption oracle remediation error.

    • Press Windows + R, type regedit and ok
    • This will open Windows registry editor, navigate the following subkey
    • HKEY_LOCAL_MACHINE > Software > Microsoft > Windows > CurrentVersion > Policies > System
    • Right-click on System, select New > Key and name it as CredSSP.
    • Now right click on CredSSP and create a new key with the name Parameters.
    • In Parameters, you have to create new DWORD (32-bit) value with the name AllowEncryptionOracle.
    • right-click on AllowEncryptionOracle and choose Modify
    • Here change its value data to “2” and Base to “Decimal“.
    • That’s all, click ok and close registry editor.

Now try connecting to other systems using RDP and you can now see the successful connection.