FIX: For machines that cannot access the internet, make the following changes in your group policy.
Since the machine cannot get out to the internet, it sits there until time-out and then your RDP connection proceeds. This is because remote desktop reaches out to the internet to check for root certificates that may have been revoked.Go to Personal/Certificates, right-click and select All Tasks -> Advanced Operations -> Create Custom Request. Open the MMC console on the Remote Desktop server you want to generate the certificate for, and add the Certificates snap-in, selecting the 'Computer account' and 'Local computer' options.This vulnerability allows an unauthenticated attacker (or malware) to execute code on the vulnerable system. This month’s Microsoft Patch Tuesday included a very high-risk vulnerability (CVE-2019-0708, aka BlueKeep) in Remote Desktop that impacts Windows XP, Windows 7, Server 2003, Server 2008, and Server 2008 R2.
