An update rollup is available for Windows Embedded Compact 7. This rollup resolves the security issues that are described in the following Microsoft TechNet topic:
This rollup updates the CredSSP authentication protocol and Remote Desktop clients. Mitigation consists of installing the update and then using registry-based settings to manage the CredSSP parameter setting. The update introduces the following registry setting:
Registry path: [HKEY_LOCAL_MACHINE\Comm\SecurityProviders\CredSSP]
Date type: DWORD
Possible settings for AllowEncryptionOracle
|0||Force updated clients|
We recommend that you use the registry setting of 0 (force updated clients) or 1 (mitigated). Changes require a restart of the affected system.
Note The default value is 2 (vulnerable). After you install the 4479296 update, the default value will be changed to 1 (mitigated).
Software update information
The Windows Embedded Compact 7 Monthly Update (September 2018) is now available from Microsoft. To download the update, go to the Device Partner Center (DPC).
The kind of processor that each file applies to is displayed in the name of each file in the "File information" section.
This update is supported only if all previous updates for this product are installed.
After you apply this update, you must perform a clean build of the whole platform. To do this, use one of the following methods:
- On the Build menu, select Clean Solution, and then select Build Solution.
- On the Build menu, select Rebuild Solution.
You don't have to restart the computer after you apply this software update.
Update replacement information
This update doesn't replace any other updates.