Symptoms
You are unable to perform some tasks that use WinRM when using HTTPS. The attempt returns an access denied. The same tasks succeed when using HTTP.
An example of such a task is using the “new-pssession” Powershell cmdlet. The symptom is not limited to this Powershell example as the underlying issue could manifest for any operation attempting to use WinRM over HTTPS.
An example of such a task is using the “new-pssession” Powershell cmdlet. The symptom is not limited to this Powershell example as the underlying issue could manifest for any operation attempting to use WinRM over HTTPS.
Resolution
Ensure that both KB968389 and MS09-059 are installed on the affected system.
More Information
975467 - MS09-059: Vulnerability in the Local Security Authority Subsystem Service could allow denial of service
http://support.microsoft.com/default.aspx?scid=kb;EN-US;975467
968389 - Extended Protection for Authentication
http://support.microsoft.com/default.aspx?scid=kb;EN-US;968389
http://support.microsoft.com/default.aspx?scid=kb;EN-US;975467
968389 - Extended Protection for Authentication
http://support.microsoft.com/default.aspx?scid=kb;EN-US;968389