locked
CredSSP updates for CVE-2018-0886 - Does the 2FA help to prevent the attack? RRS feed

  • Question

  • Hello experts,

    I'm afraid of the new vulnerability reported in Windows RDP with CredSSP. In my infra, we are using 2FA (Two factor authentication) RSA. Will it help to prevent the MITM attack due to the CredSSP vulnerability? 

    Please advice..........


    Jaril Nambiar


    Thursday, March 15, 2018 4:39 PM

Answers

  • 2FA really only alerts you if a login attempt is made from a new device. The MitM attack can still happen, you may or may not get an alert when it happens. As for the patch itself, keep in mind that the patch is all or nothing:  client and server versions and configs must match or they will be unable to communicate via RDP/WinRM.

    Über Random

    Friday, March 16, 2018 7:27 PM

All replies