Microsoft has confirmed a brand new problem inflicting newly launched Home windows safety warnings to show incorrectly when opening Distant Desktop (.rdp) information.
This recognized problem impacts all supported Home windows variations, together with Home windows 11 (KB5083768 & KB5083769), Home windows 10 (KB5082200), and Home windows Server (KB5082063).
As Microsoft explains in updates to the unique advisories, “the safety warning that seems when opening Distant Desktop (RDP) information may not show appropriately in some instances.”
On affected methods, the textual content within the warning home windows is troublesome to learn, and the buttons are misplaced, making it laborious, if not not possible, to work together with the safety dialog.
“This problem would possibly happen if you use a couple of monitor with totally different show scaling settings (for instance, one show set to 100% and one other set to 125%),” Microsoft says.
“When this occurs, the warning window would possibly present overlapping textual content or partially hidden buttons, which might make the message troublesome to learn or work together with.”
Microsoft launched these new protections on Home windows methods as a part of the April 2026 cumulative updates to forestall malicious RDP connection information from getting used on gadgets.
​After putting in the April 2026 safety replace, a one-time instructional immediate seems when customers open an RDP file for the primary time, warning them concerning the dangers.
When opening RDP information afterward, a safety dialog is displayed earlier than any connection is made, displaying whether or not the file is signed by a verified writer, the distant system’s handle, in addition to a listing of all native useful resource redirections, akin to drives, clipboard, or gadgets, with each possibility disabled by default.
When RDP information aren’t digitally signed, Home windows shows a “Warning: Unknown distant connection” warning, labeling the writer as unknown. If the RDP information are digitally signed, Home windows will once more show the writer and likewise warn customers to confirm their legitimacy earlier than connecting.
RDP information are generally utilized in enterprise environments to hook up with distant methods as a result of admins can preconfigure them to mechanically redirect native sources to the distant host.
Risk actors have more and more abused RDP information in phishing campaigns; for example, the Russian state-sponsored APT29 hacking group has beforehand used them to steal credentials and paperwork from victims’ gadgets remotely.
AI chained 4 zero-days into one exploit that bypassed each renderer and OS sandboxes. A wave of latest exploits is coming.
On the Autonomous Validation Summit (Might 12 & 14), see how autonomous, context-rich validation finds what’s exploitable, proves controls maintain, and closes the remediation loop.
