After swapping out an OS drive into an Azure VM, we were unable to RDP into the revisioned VM, getting this error:

In May 2018, Microsoft issued CredSSP updates for CVE-2018-0886 which requires that KB 4093120 be installed on both the client and server.

The fast way to solve this error so we could successfully RDP into the Azure VM, is to temporarily change the policy settings on the client machine.

Process on the Client Machine:

  • Change settings in the Local Group Policy Editor.
  • Go to Run > gpedit.msc
  • Navigate through Computer Configuration > Administrative Templates >System > Credentials Delegation > Encryption Oracle Remediation
  • Select Enabled and change from Production Level to Vulnerable

  • Run the command gpupdate /force to apply group policy settings.

The remote desktop connection will allow RDP access into the VM. The update list for the Azure server (that just had an archived OS disk swapped to it) shows that the KB4103723 is in the Windows update list: