For group policy wonks, this is no doubt old hat, but for the rest of us: 1.Find a machine with the latest security update installed.This is a list of TCP and UDP port numbers used by protocols of the application layer of the Internet protocol suite for the establishment of host-to-host connectivity.The Transmission Control Protocol (TCP) and the User Datagram Protocol (UDP) needed only one port for full-duplex, bidirectional traffic.Please see updates at the end of the post before applying any group policy!The problem is that you need the new admx (policy) and adml (resource) files that are delivered with the patch.“Patch Lady” Susan Bradley has some helpful explanations on Ask Woody about Microsoft KB4093942, “Cred SSP updates for CVE-2018-0886.” She mentions that you can prepare for the updates by setting group policy before they are installed.However, I found that the group policy settings is not available on a domain controller if the update is not installed.
Unsourced or poorly sourced material may be challenged or removed.
The Stream Control Transmission Protocol (SCTP) and the Datagram Congestion Control Protocol (DCCP) also use port numbers.
They usually use port numbers that match the services of the corresponding TCP or UDP implementation, if they exist.
You should now be able to edit the new group policy: Computer Configuration set Encryption Oracle Remediation to Mitigated on unpatched servers or you will lose the ability to RDP from patched clients. if the connection fails, Remote Desktop will show this message: This is accompanied by the following error in the client’s event log: Log Name: Microsoft-Windows-Terminal Services-RDPClient/Operational Source: Microsoft-Windows-Terminal Services-Client Active XCore Event ID: 226 Task Category: RDP State Transition Level: Warning Description: RDPClient_SSL: An error was encountered when transitioning from Ts Ssl State Handshake In Progress to Ts Ssl State Disconnecting in response to Ts Ssl Event Handshake Continue Failed (error code 0x80004005).
Set Encryption Oracle Remediation to Vulnerable until the server is patched.