I have encountered this error on several systems over the past couple of months while attempting to create an RDP session to a Windows remote machine:


I found adding the registry entry detailed below to the client machine the quickest fix:


Create REG_DWORD: AllowEncryptionOracle
Value: 2


You can run the following cmd from an elevated prompt to apply the registry config:

REG ADD HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\CredSSP\Parameters\ /v AllowEncryptionOracle /t REG_DWORD /d 2


As per MS the issue was caused by a CredSSP update:

‘The most common scenario is that the client has the CredSSP update installed, and the Encryption Oracle Remediation policy setting does not allow an insecure RDP connection to a server that does not have the CredSSP update installed.’

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s