A Microsoft update that could affect your VPS

I know a lot of our users use remote desktops and some use them for fully automated trading with Bet Angel, so I felt I should give you a heads up on a recent security update that could affect you. It has come about because Microsoft has applied a security update to stop your access being hijacked.

Are you affected by the update?

There are two ways you will know if you are affected by the issue.

(1) One way you will know if you are affected by the issue is if you log into your VPS and see that it is asking you to log in again, often showing more than one user. This can get particularly annoying as you just logged in, only to be told to log in again!

(2) The other way you will know if you are affected is that an error message is displayed as you try to log in. It has the wonderful title of ‘CredSSP encryption oracle’. Sounds like something from the next Harry Potter film, but the reality is the error message will look something like this: –

What causes the error?

If you follow the link that Microsoft has supplied you will see a load of technobabble about the issue. Here is the link if you want to read it: –

https://support.microsoft.com/en-gb/help/4093492/credssp-updates-for-cve-2018-0886-march-13-2018

There is a full list of affected products here: –

https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2018-0886

But to cut through and summarise all that, basically, there is an exploit that means a hacker could fake you logging into a server via RDP (Remote Desktop Protocol). Therefore Microsoft has issued a fix to prevent this.

The fix applies to both the client and the server: essentially, the software on your local computer and the software running on the remote server on the VPS. If you update one of those but not the other, the error will appear.

How to solve the issue

I contacted my provider on seeing this issue and they were pretty unhelpful so I spent a couple of hours working through the issue and came up with some simple solutions. They both revolve around keeping your server up to date with Microsoft patches. Basically, if your server and local computer are up to date, you will not see the issue.

If you can log into your VPS then head to /control panel/update & security and install any uninstalled updates. After reboot, you should be fine.
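A read-only way to check this on a machine you can still reach, as an added example that is not part of the original post: it lists the updates Windows Update has not yet installed and reports the CredSSP policy setting described in the Microsoft article linked above. The function names are made up for this example; run it in PowerShell on both the local PC and the VPS.

```powershell
# Added example: read-only audit, changes nothing on the machine.
# Function names are hypothetical; the registry value is the CredSSP policy
# setting documented in Microsoft's CVE-2018-0886 article (KB4093492).

function Get-CredSspPolicy {
    $key   = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\CredSSP\Parameters'
    $names = @{ 0 = 'Force Updated Clients'; 1 = 'Mitigated'; 2 = 'Vulnerable' }
    $item  = Get-ItemProperty -Path $key -Name AllowEncryptionOracle -ErrorAction SilentlyContinue
    if ($null -eq $item) { return 'Not configured' }   # default of the installed patch level applies
    $value = [int]$item.AllowEncryptionOracle
    if ($names.ContainsKey($value)) { return $names[$value] }
    return "Unknown value $value"
}

function Get-PendingUpdate {
    # Ask the Windows Update Agent for software updates that are not installed yet.
    $session  = New-Object -ComObject Microsoft.Update.Session
    $searcher = $session.CreateUpdateSearcher()
    $result   = $searcher.Search("IsInstalled=0 and Type='Software' and IsHidden=0")
    foreach ($update in $result.Updates) {
        [pscustomobject]@{
            Title = $update.Title
            KB    = ($update.KBArticleIDs | ForEach-Object { "KB$_" }) -join ', '
        }
    }
}

$policy  = Get-CredSspPolicy
$pending = @(Get-PendingUpdate)

Write-Output "Computer:        $env:COMPUTERNAME"
Write-Output "CredSSP policy:  $policy"
Write-Output "Pending updates: $($pending.Count)"
$pending | Format-Table -AutoSize -Wrap

if ($policy -eq 'Vulnerable') {
    # This setting lets CredSSP fall back to the insecure behaviour the patch removes.
    Write-Warning 'CredSSP policy is set to Vulnerable: patch both ends and remove this setting.'
}
if ($pending.Count -gt 0) {
    Write-Warning 'Updates are outstanding: install them and reboot before relying on RDP.'
}
```

A machine is in good shape when the pending list is empty and the policy is either not configured or not set to Vulnerable.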

If you see the ‘CredSSP encryption oracle’ error message, you will not be able to access your server via RDP. You will need your host or provider to do the update for you unless you are technically clever enough to access the server via a non-RDP client.

If you are a Bet Angel VPS user, please contact us and we can do it for you. But we will need your password to be able to access the server. Else we will have to reimage it from scratch and then apply the update. Neither is a five-minute job, so be prepared for a wait while we put you in the queue to update your server.

The lesson

The simple lesson from this issue is that you haven’t kept the server updated with the latest security patches, which is a pretty important thing to do. Make sure you keep on top of this in the future; this is especially important on a server that is connected to the internet 24×7.

I hope you found this explanation useful. Stay safe!
