AnsweredAssumed Answered

Windows Remote Desktop Protocol Weak Encryption Method Allowed for Windows 2012

Question asked by Sanjoy Debnath on Dec 24, 2015

Vulnerability Title : Windows Remote Desktop Protocol Weak Encryption Method Allowed (QID 90882)


For Windows Server 2012 , Microsoft Forums Provide a solution to change the Encryption Level to High:

wmic /namespace:\\root\CIMV2\TerminalServices PATH Win32_TSGeneralSetting WHERE TerminalName="RDP-Tcp" CALL SetEncryptionLevel 3


Encryption Level High : This level encrypts data sent from the client to the server and from the server to the client by using 128-bit encryption. Use this level when the RD Session Host server is running in an environment containing 128-bit clients only (such as Remote Desktop Connection clients). Clients that do not support this level of encryption will not be able to connect.


We had Applied this solution on Windows 2012 server and got a clean report from Qulays scan. As the solution provided by Qualys for Windows 2008 server, may this point add for Windows 2012 server too?


Thank you

Outcomes