Redakcja Choose TV
Microsoft has introduced one of the most practical security updates in recent months, focusing on an issue that was virtually invisible to many users. The latest updates for Windows 11 and Windows 10 have introduced new security measures related to RDP files, which are remote desktop configurations. These were used in real attacks to take over access to computers, often without the user's knowledge.
Innocent file that can take control
RDP files are commonly used in businesses for quick connections to other computers. The problem is that they can be easily manipulated. It only takes opening a malicious file for the system to connect to a server controlled by the attacker, granting them access to things like drives, clipboard, or login credentials. Such attacks are not a theory; they have been used by groups like APT29, which exploited fake RDP files in phishing campaigns. The whole thing was deceptive, as the user only saw a normal file and had no idea they were granting access to their system.
New security measures and greater control
Microsoft has decided to change this by introducing several layers of protection. After the update, the system first displays an educational message about the threats associated with RDP files. Then, each time an attempt is made to open such a file, a detailed security window appears, showing, among other things, the server address and providing precise information about what data may be shared. Most importantly, all potentially dangerous options like access to files or the clipboard are turned off by default. The user must consciously enable them, which significantly reduces the risk of accidentally sharing data. It's a small change in everyday use, but a huge step towards security.
New security measures show that even seemingly innocent files can pose a serious threat, and additional messages from the system can genuinely protect users from an attack.
source: digitaltrends.com
