Note: this setting should not be deployed until all remote hosts support the newest version. If you enable this policy setting, CredSSP version support will be selected based on the following options:įorce Updated Clients: Client applications which use CredSSP will not be able to fall back to the insecure versions and services using CredSSP will not accept unpatched clients. This policy allows you to set the level of protection desired for the encryption oracle vulnerability. This policy controls compatibility with vulnerable clients and servers. Some versions of the CredSSP protocol are vulnerable to an encryption oracle attack against the client. This policy setting applies to applications using the CredSSP component (for example: Remote Desktop Connection).
0 Comments
Leave a Reply. |