Redakcja Choose TV
Microsoft is introducing one of the most practical security updates in recent months, focusing on an issue that has been practically invisible to many users. The latest updates for Windows 11 and Windows 10 have introduced new security measures related to RDP files, which are remote desktop configurations. These were indeed used in real attacks to take over access to computers, often without the user's knowledge.
Innocuous file that can take control
RDP files are commonly used in companies for quick connections to other computers. The problem is that they can be easily manipulated. It is enough to open a crafted file for the system to connect to a server controlled by the attacker, thereby exposing drives, clipboard, or login data. Such attacks are not a theory; for instance, they were used by the APT29 group, which employed false RDP files in phishing campaigns. It all worked insidiously, as the user only saw a regular file and was unaware that they were handing over access to their system.
New security measures and increased control
Microsoft has decided to change this by introducing several layers of protection. After the update, the system first displays an educational message about the threats associated with RDP files. Then, with every attempt to open such a file, a detailed security window appears, which shows, among other things, the server address and informs precisely what data may be shared. Most importantly, all potentially dangerous options such as access to files or the clipboard are disabled by default. Users must consciously enable them, which significantly reduces the risk of accidental data sharing. This is a small change in everyday use, but a huge step towards security.
New security measures show that even seemingly innocent files can pose a serious threat, and additional notifications from the system can genuinely protect users from an attack.
source: digitaltrends.com
