It's possible to get a NTE_BAD_KEYSET error when attempting to get the context. According to Microsoft you should then attempt to create a new key set (See http://msdn.microsoft.com/en-us/library/aa379886%28v=vs.85%29.aspx\). An example is provided here: http://msdn.microsoft.com/en-us/library/aa382375%28VS.85%29.aspx
I've attached a patch that fixes EncryptSymmetric. I was able to test and confirm the patch works on a vm where the key set didn't exist.