Eric's Technical Outlet

Learning the hard way so you don't have to

Monthly Archives: May 2018

“Incorrect Function” and “Encryption Oracle Remediation” Errors

Starting with the April 2018 Windows security patches, Microsoft began cleaning up a remote execution vulnerability in CredSSP. Unfortunately, truly fixing it requires that patched systems reject CredSSP communications from unpatched systems. Developers control which authentication methods their applications use, and they won’t necessarily make you aware. So far, I have seen problems in Remote Desktop Connection and System Center products. Read more of this post