top of page
ninsterecrilove

Download Patch 2018-CVE-0886 to Fix Remote Code Execution Vulnerability in CredSSP



How to Download and Apply Patch 2018-CVE-0886 for Windows




If you use Windows and Remote Desktop Connection, you may be vulnerable to a serious security flaw that could allow attackers to execute code on your system. This flaw, known as CVE-2018-0886, affects the Credential Security Support Provider protocol (CredSSP) that is used for authentication. Microsoft has released a patch to fix this issue, but you need to download and apply it correctly to protect your computer. In this article, we will show you how to do that step by step.




patch 2018-cve-0886 download




What is Patch 2018-CVE-0886 and Why You Need It




Patch 2018-CVE-0886 is a security update that addresses a vulnerability in the CredSSP protocol that could allow remote code execution on unpatched systems. This means that an attacker could exploit this flaw to run malicious commands or programs on your computer without your knowledge or consent.


The CredSSP Vulnerability and Remote Code Execution




CredSSP is a protocol that enables applications to delegate user credentials from a client to a target server. For example, when you use Remote Desktop Connection to access another computer, CredSSP is used to authenticate you with your username and password. However, some versions of CredSSP are vulnerable to an encryption oracle attack, which allows an attacker to decrypt or modify the data sent between the client and the server. This way, the attacker could steal your credentials, impersonate you, or execute code on the target system.


The Impact and Risk of Not Applying the Patch




This vulnerability affects all supported versions of Windows, from Windows 7 to Windows 10, as well as Windows Server 2008 to Windows Server 2016. Any application that relies on CredSSP for authentication, such as Remote Desktop Connection, PowerShell Remoting, or WinRM, may be vulnerable to this type of attack. If you do not apply the patch, you are exposing your computer and network to potential breaches, data theft, malware infection, or ransomware attacks.


How to Download Patch 2018-CVE-0886




To download the patch, you need to follow these steps:


Check Your Windows Version and Update History




First, you need to check which version of Windows you are running and whether you have already installed the patch or not. To do this, follow these steps:


  • Press Windows + R keys to open the Run dialog box.



  • Type winver and click OK. This will show you your Windows version and build number.



  • Press Windows + I keys to open the Settings app.



  • Click on Update & Security.



  • Click on View update history. This will show you a list of updates that have been installed on your computer.



  • Look for an update with the name CredSSP updates for CVE-2018-0886. If you see it, it means you have already installed the patch and you can skip the next step. If you don't see it, it means you need to download and install it.



Use Windows Update or Microsoft Update Catalog




You can use either Windows Update or Microsoft Update Catalog to download and install the patch. To use Windows Update, follow these steps:


How to install patch 2018-cve-0886 on Windows Server 2012 R2


Patch 2018-cve-0886 for Remote Desktop Connection


CredSSP updates for CVE-2018-0886 - Microsoft Support


Download KB4103715 security-only update for Windows 8.1


Fix CredSSP encryption oracle remediation error


Patch 2018-cve-0886 for Windows Server 2016


Download KB4103726 security-only update for Windows Server 2008 R2 SP1


Patch 2018-cve-0886 for Internet Explorer


CredSSP vulnerability CVE-2018-0886 - what you need to know


Download KB4103712 monthly rollup for Windows 7 SP1 and Windows Server 2008 R2 SP1


Patch 2018-cve-0886 for Windows apps


Download KB4103725 security-only update for Windows 10 Version 1607 and Windows Server 2016


Patch 2018-cve-0886 for Windows kernel


Download KB4103727 security-only update for Windows 10 Version 1703


Patch 2018-cve-0886 for Microsoft Graphics Component


Download KB4103731 security-only update for Windows 10 Version 1709


Patch 2018-cve-0886 for Windows storage and filesystems


Download KB4103721 security-only update for Windows 10 Version 1803


Patch 2018-cve-0886 for HTML help


Download KB4103723 security-only update for Windows Server version 1709


Patch 2018-cve-0886 for Windows Hyper-V


Download KB4103724 security-only update for Windows Server version 1803


How to configure group policy settings for patch 2018-cve-0886


Patch 2018-cve-0886 for Credential Security Support Provider protocol (CredSSP)


How to use registry settings to manage patch 2018-cve-0886 options


Patch 2018-cve-0886 for remote code execution vulnerability in CredSSP


How to troubleshoot patch 2018-cve-0886 installation issues


Patch 2018-cve-0886 compatibility matrix and scenarios


How to uninstall patch 2018-cve-0886 if needed


Patch 2018-cve-0886 file information and checksums


  • Open the Settings app and click on Update & Security.



  • Click on Check for updates. Windows will scan for any available updates and download them automatically.



  • Once the download is complete, click on Restart now to install the updates. You may need to save your work and close any open applications before restarting.



To use Microsoft Update Catalog, follow these steps:


  • Open your web browser and go to .



  • Type CVE-2018-0886 in the search box and click on Search.



  • Find the update that matches your Windows version and architecture (32-bit or 64-bit) and click on Download.



  • Click on the link that ends with .msu to download the update file.



  • Once the download is complete, double-click on the file to run it. Follow the instructions on the screen to install the update.



Verify the Installation of the Patch




To verify that you have successfully installed the patch, you can check your update history again or use the PowerShell command. To check your update history, follow these steps:


  • Open the Settings app and click on Update & Security.



  • Click on View update history.



  • Look for an update with the name CredSSP updates for CVE-2018-0886. If you see it, it means you have installed the patch successfully.



To use the PowerShell command, follow these steps:


  • Press Windows + X keys and select Windows PowerShell (Admin).



  • Type Get-HotFix -Id KB4093120 and press Enter. This is the KB number for the patch. If you see a result with this number, it means you have installed the patch successfully.



How to Apply Patch 2018-CVE-0886




To apply the patch, you need to configure a policy setting called Encryption Oracle Remediation. This setting determines how your computer handles CredSSP authentication requests from unpatched systems. You can use either Group Policy or Registry Editor to configure this setting. To use Group Policy, follow these steps:


Configure the Encryption Oracle Remediation Policy




  • Press Windows + R keys to open the Run dialog box.



  • Type gpedit.msc and click OK. This will open the Local Group Policy Editor.



  • Navigate to Computer Configuration > Administrative Templates > System > Credentials Delegation.



  • Double-click on Encryption Oracle Remediation.



  • Select Enabled.



  • In the Options box, select one of the following values from the drop-down menu:




  • Vulnerable: This is the default value and it means that your computer will accept any CredSSP authentication requests from any system, regardless of whether they are patched or not. This is not recommended as it exposes your computer to potential attacks.



  • Mitigated: This means that your computer will only accept CredSSP authentication requests from patched systems. This is recommended as it protects your computer from unpatched systems.



  • Force updated clients: This means that your computer will only accept CredSSP authentication requests from patched systems that have also configured this policy setting to Force updated clients. This is the most secure option as it ensures that both sides of the connection are patched and have the same policy setting.




  • Click OK to save the changes.



Restart Your Computer and Test the Remote Desktop Connection




To apply the policy setting, you need to restart your computer. After restarting, you can test your Remote Desktop Connection by following these steps:



  • Press Windows + R keys to open the Run dialog box.



  • Type mstsc.exe and click OK. This will open the Remote Desktop Connection app.



  • Type the name or IP address of the remote computer you want to connect to and click Connect.



  • If prompted, enter your username and password and click OK.

  • If the connection is successful, you will see the desktop of the remote computer. If the connection fails, you will see an error message.



Troubleshoot Any Issues or Errors




If you encounter any issues or errors while trying to connect to a remote computer, you can try the following solutions:


  • Make sure that both your computer and the remote computer have installed the patch and configured the policy setting correctly.



  • Make sure that both your computer and the remote computer have the same policy setting value. For example, if your computer has Mitigated and the remote computer has Force updated clients, you will not be able to connect.



  • Make sure that both your computer and the remote computer have enabled Remote Desktop Connection and allowed it through the firewall.



  • Make sure that you have entered the correct name or IP address of the remote computer and that it is reachable on the network.



  • Make sure that you have entered the correct username and password for the remote computer and that you have the permission to access it.



Conclusion




Patch 2018-CVE-0886 is a critical security update that fixes a vulnerability in the CredSSP protocol that could allow remote code execution on unpatched systems. If you use Windows and Remote Desktop Connection, you should download and apply this patch as soon as possible to protect your computer from potential attacks. To do this, you need to check your Windows version and update history, use Windows Update or Microsoft Update Catalog, verify the installation of the patch, configure the Encryption Oracle Remediation policy, restart your computer, and test the Remote Desktop Connection. If you encounter any issues or errors, you can troubleshoot them using the solutions provided in this article. We hope this article has helped you understand how to download and apply Patch 2018-CVE-0886 for Windows.


FAQs




Here are some frequently asked questions about Patch 2018-CVE-0886:


What is CVE-2018-0886?




CVE-2018-0886 is a common vulnerability and exposure identifier for a security flaw in the CredSSP protocol that could allow remote code execution on unpatched systems.


What is CredSSP?




CredSSP is a protocol that enables applications to delegate user credentials from a client to a target server. For example, when you use Remote Desktop Connection to access another computer, CredSSP is used to authenticate you with your username and password.


What is remote code execution?




Remote code execution is a type of attack that allows an attacker to run malicious commands or programs on a target system without the user's knowledge or consent.


How do I know if I have installed Patch 2018-CVE-0886?




You can check your update history in the Settings app or use the PowerShell command Get-HotFix -Id KB4093120 to see if you have installed Patch 2018-CVE-0886.


How do I configure the Encryption Oracle Remediation policy?




You can configure the Encryption Oracle Remediation policy using either Group Policy or Registry Editor. You need to select one of the following values: Vulnerable, Mitigated, or Force updated clients. The recommended value is Mitigated. 44f88ac181


26 views0 comments

Recent Posts

See All

留言


bottom of page