Redakcja Choose TV
Microsoft is introducing one of the most practical security updates in recent months, focusing on an issue that has been practically invisible to many users. The latest updates for Windows 11 and Windows 10 include new security measures related to RDP files, or remote desktop configurations. These were used in real attacks to gain access to computers, often without the user's knowledge.
Innocent file that can take control
RDP files are commonly used in companies for quickly connecting to other computers. The problem is that they can be easily manipulated. It is enough to open a crafted file for the system to connect to a server controlled by an attacker, exposing, for example, drives, clipboard, or login data. Such attacks are not a theory; they were used by the APT29 group, which exploited false RDP files in phishing campaigns. The whole operation was sneaky because the user only saw a regular file and was unaware they were granting access to their system.
New protections and greater control
Microsoft decided to change this by introducing several layers of protection. After the update, the system first displays an educational message about the threats associated with RDP files. Then, with every attempt to open such a file, a detailed security window appears, showing, among other things, the server address and clearly informing what data may be shared. Most importantly, all potentially dangerous options such as access to files or the clipboard are turned off by default. The user must consciously enable them, which significantly reduces the risk of accidental data sharing. It's a small change in everyday use, but a huge step toward security.
New security measures show that even seemingly innocent files can pose a serious threat, and additional messages from the system can genuinely protect users from an attack.
source: digitaltrends.com
