To add to what Chdwck wrote, you will probably need to login to those remote servers to get the update installed. If you aren't comfortable using the command line to install updates, you can simply edit the local group policy on your computer until the updates can be deployed. I ran into this problem today as well. I am new to my position and after attempting your fix I found that my server has not been updated since May 2016 and that I don't even have that Group Policy setting available. Do you think that this fix will work clientside an authentication error has occurred rdp now. One thing I had to do to get the Group Policy enabled was to move the new policy template and language file to the Policy Store. This should allow the policy to show up in Group Policy editor. You can then make the changes needed; however, they do require a reboot to take effect. I don't know if a patched client is allowed to connect to an unpatched server or not. The Microsoft article doesn't discuss that scenario, just the other way around. I am new to my position and after attempting your fix I found that my server has not been updated since May 2016 and that I don't even have that Group Policy setting available. Do you think that this fix will work clientside for now. If both server and client are patched, nothing is needed. If one side is patched and the other is not, you either need to patch it or make the required registry changes until you can get everything patched. You can do it via group policy or you can do it manually. I wouldn't call this a fix - it's a bandaid until you can get your environment patched. Microsoft's Security Patch on Tuesday is causing the problems for machines that don't have automatic Windows Updates. We've documented our findings on the symptoms, suspected causes, explanations, and a simple workaround in this blog post: Hope this helps. On May Patch Tuesday, Microsoft released a patch that basically enforces the March patch, so if your workstation got the May patch but you're trying to connect to servers that haven't received the March patch, you'll get this error. As a workaround, you can push a Group Policy out or edit a registry key locally, but neither one of those is considered a long-term permanent solution. You can read - for more information on the Group Policy and registry key. In the article above, there's a link to those files from a patched Windows 2012 R2 server which should work. By default, after this update is installed, patched clients cannot communicate with unpatched servers. This was announced in advance and the time delay was to allow people to update their systems. Systems that haven't been updated are the ones now experiencing issues. Before this update vulnerable systems were still allowed to connect to patched systems. Now, the default it to not allow that. So the solution is still to either update your systems or dial back the security and leave your systems vulnerable. Connecting to a hosted solution, as in this case, you are going to have to update your system. But users also don't generally control what policies are applied to their system. If an administrator has set it so that they cannot connect to unpatched systems, then all they can do is ask for the patch to be installed on the system they need to connect to. A work around is to lower the security level. If you do lower the security policy, then you have to remember to go back and change it, and let's face it, that's unlikely to happen. You can reasonably safely lower the security level if your client and server are an authentication error has occurred rdp on a private network under which you have full control of who has physical and logical access to. Microsoft security policies are geared towards maximum security of data transmissions assuming they cross the insecure public internet so they necessarily must configure for every possible known security vulnerability. Microsoft security policies are geared towards maximum security of data transmissions assuming they cross the insecure public internet so they necessarily must configure for every possible known security vulnerability. If so, don't consider it private. All that you said is fine and well until someone gets malware on the computer, sniffs out credentials, and then uses your lowered security stance to hijack your systems. Hi Luke, It seems your correct. I have lower the security of my station just to connect to that server. If you aren't comfortable using the command line to install updates, you can simply edit the local group policy on your computer until the updates can be deployed.
