RDP Archives

Winsage

April 18, 2026

Microsoft’s Patch Tuesday release for April is a whopper

A series of updates have been released, focusing on system integrity and performance. Users should perform verification tasks, including installing, uninstalling, and repairing MSI packages, connecting and disconnecting cloud sync providers, and enrolling devices in Intune or MDM solutions. The Common Log File System driver (clfs.sys) is receiving a follow-up patch, along with updates to Storage Spaces (spaceport.sys) and app isolation file system drivers (bfs.sys, wcifs.sys). Users should also run Windows Update installation and rollback cycles, install and uninstall applications, and verify data integrity through backup solutions. For Storage Spaces, creating a pool with mirrored and thin virtual disks and ensuring clean deletion is necessary. April's updates for Office target MSI editions, including Excel 2016 (KB5002860), PowerPoint 2016 (KB5002808), Office 2016 shared libraries (KB5002859), and SharePoint Server editions from 2016 to 2019. These updates do not apply to Click-to-Run deployments like Microsoft 365 Apps. Users should validate complex Excel workbooks, PowerPoint presentations, SharePoint document libraries, and the functionality of Office add-ins. Testing for two High Risk components is essential: changes to Kerberos may disrupt services using RC4 keytabs, and the Remote Desktop client update requires validation of clipboard functionality, printer redirection, and session reconnection. Validating Secure Boot and BitLocker is critical as CVE-2023-24932 key rolling progresses. Additionally, cloud sync testing is important due to five patches to the Projected File System driver, and regression testing is needed for dual afd.sys updates and VPN/IPsec patches across remote-access infrastructure. Office updates are limited to MSI editions.

Winsage

April 15, 2026

Microsoft releases Windows 10 KB5082200 extended security update

Microsoft has released the Windows 10 KB5082200 extended security update, addressing vulnerabilities from the April 2026 Patch Tuesday, including two critical zero-day flaws. The update enhances security with new protections against phishing attacks using Remote Desktop Protocol (.rdp) files and provides updated indicators in Windows Security for new Secure Boot certificates. Users can install the update by checking for updates in the Windows Update settings. After installation, Windows 10 will upgrade to build 19045.7184, and Windows 10 Enterprise LTSC 2021 will transition to build 19044.7184. The update resolves a total of 167 vulnerabilities, including two significant zero-day issues, and includes fixes for signing into Microsoft apps, enhanced Remote Desktop security, dynamic Secure Boot status reporting, and issues affecting Intel-based devices with Connected Standby. Microsoft is also rolling out new Secure Boot certificates to replace older ones expiring in June 2026, with no known issues reported for this update.

Tech Optimizer

April 15, 2026

Connecting .NET Lambda to Amazon Aurora PostgreSQL via RDS Proxy

Many organizations are modernizing legacy .NET applications while reducing database costs and enhancing scalability, particularly during migrations to AWS Lambda and transitions from SQL Server to Amazon Aurora PostgreSQL-Compatible Edition. The process involves connecting Lambda functions to Aurora PostgreSQL using Amazon RDS Proxy, with AWS Secrets Manager managing secure credential storage. The architecture includes a .NET Lambda function interfacing with Aurora PostgreSQL via RDS Proxy, which provides connection pooling to minimize database connection overhead. The solution requires a CloudFormation template to provision resources such as a VPC with private subnets, an Aurora PostgreSQL cluster, RDS Proxy, and Secrets Manager. The RDS Proxy is configured with parameters including PostgreSQL engine family, idle client connection timeout, and Secrets Manager secret. A Windows EC2 instance is provisioned, and access is facilitated through AWS Systems Manager Fleet Manager. The solution includes creating a sample table named "employee" in the database and a new .NET Lambda project that utilizes Npgsql for database connections. The Lambda function is deployed using the AWS CLI, and testing involves invoking the function and retrieving logs from Amazon CloudWatch. Finally, resources created during the process should be deleted to prevent ongoing charges.

Winsage

April 15, 2026

Microsoft adds Windows protections for malicious Remote Desktop files

Microsoft has introduced new security measures for Windows 10 and Windows 11 to protect against phishing attacks that exploit Remote Desktop Protocol (RDP) connection files. These updates, part of the April 2026 cumulative updates (KB5082200, KB5083769, and KB5082052), include a one-time educational prompt for users upon first opening an RDP file, requiring acknowledgment of the associated risks. Subsequent attempts to open RDP files will display a security dialog with information about the file's publisher, the remote system address, and local resource redirections, with options disabled by default. If an RDP file is unsigned, a warning will indicate an "Unknown remote connection." These protections apply only to connections initiated through RDP files, not through the Windows Remote Desktop client, and can be temporarily disabled via the Windows Registry.

Winsage

February 16, 2026

Contain your Windows apps inside Linux Windows

WinApps and WinBoat are two solutions for running Windows applications on Linux. WinApps, developed since 2020 by Ben Curtis, allows users to run a genuine copy of Windows in a virtual machine (VM) and export individual applications to the Linux desktop using Microsoft's Remote Desktop Protocol (RDP). It supports various methods, including Docker, Podman, and KVM virtualization, with KVM offering extensive customization but requiring a more complex setup. WinBoat, a newer application at version 0.9.0, simplifies the user experience by automating much of the setup process and requires only Docker and FreeRDP to be installed. WinBoat is designed for ease of use, making it accessible for users less comfortable with technical configurations. Both tools allow users to run Windows software that may not work well under WINE, but running a full Windows OS in a VM involves licensing, maintenance, and resource considerations.

Winsage

January 30, 2026

Microsoft Adds Centralized RDP Shortpath Control via GPO and Intune

Microsoft has enhanced the management of Remote Desktop Protocol (RDP) Shortpath, now available through Group Policy Objects (GPO) and Microsoft Intune, allowing IT teams to implement centralized control over RDP Shortpath behavior across Azure Virtual Desktop (AVD) session hosts and Windows 365 Cloud PCs. RDP Shortpath improves performance and reliability by establishing a direct, UDP-based network connection, reducing latency and enhancing responsiveness for audio and video applications. Prior to this update, managing RDP Shortpath was fragmented, requiring manual adjustments on individual session hosts, which complicated consistent networking behavior. The new centralized configuration allows administrators to enforce Shortpath settings uniformly, reducing administrative overhead and ensuring consistent performance and security controls. Administrators can manage RDP Shortpath settings centrally, control all Shortpath modes, and ensure compatibility with AVD host pool settings. Effective operation of RDP Shortpath requires appropriate network conditions, and policy changes necessitate a restart of session hosts or Cloud PCs.

Winsage

January 19, 2026

The Last Windows Security Updates of January 2026 Are Here

Microsoft released its first set of security updates for the Windows operating system and various products in January 2026, addressing over 110 vulnerabilities. The updates are available for all supported versions of Windows, with Windows 10 receiving fixes only through the Extended Security Updates (ESU) program. Windows 11 versions 24H2 and 25H2 are the main consumer releases benefiting from these updates. Approximately 112–114 security updates were released, with around 8 rated as Critical. At least one zero-day vulnerability is actively exploited. The updates include security fixes for Windows, Office, Edge, Azure, and server components. Windows 11 versions 23H2, 24H2, and 25H2, as well as Windows Server 2023 and 2025, have known issues. Windows 11 version 24H2 and 25H2 received security fixes for multiple vulnerabilities, while version 23H2 continues to receive support through enterprise servicing channels. Windows 10 updates are limited to ESU-enrolled systems, with general support ending in October 2025. Windows Server 2016, 2019, 2022, 2023, and 2025 received January security updates, addressing important vulnerabilities without disclosing any critical ones. Microsoft also released updates for Office products and SharePoint Server components. Known issues after the January updates include credential prompt failures and authentication issues in Azure Virtual Desktop and Windows 365, particularly affecting the new Windows App. Workarounds involve using the classic Remote Desktop client or the web-based RDP client. Additionally, devices with Secure Launch enabled may experience shutdown and sleep mode failures. Microsoft has provided out-of-band fixes for certain affected systems as of January 18, 2026. Users can manually install updates through the Windows Update feature, and it is recommended to create a full system backup before proceeding with updates.

Winsage

December 12, 2025

Repurposing an ‘Obsolete’ Windows 10 Laptop into a Thin Client, Part 1 — Virtualization Review

42% of desktop systems were still operating on Windows 10 as of mid-October 2025, leaving millions of devices unsupported and vulnerable to security risks. Organizations are considering either investing in new Windows 11 devices or repurposing old PCs into thin clients. The RepurpOS thin-client operating system can revitalize aging hardware, such as the Dell E7440 laptop, which is available for around 0 on platforms like eBay. RepurpOS requires modest hardware specifications: an Intel or AMD x86 CPU, 2 GB of RAM, and 4 GB of persistent storage. It is offered through a subscription model that is more affordable than Microsoft’s Extended Security Updates for Windows 10. The installation process for RepurpOS is straightforward, and it supports various remote desktop protocols, including Citrix, Horizon, and AWS. Testing with Remote Desktop Protocol (RDP) shows that modern implementations provide fast and secure remote access with features like Adaptive Graphics and GPU-accelerated rendering.

Winsage

November 24, 2025

In wake of Windows 10 retirement, over 780,000 Windows users skip Win 11 for Linux, says Zorin OS developers — distro hits unprecedented 1 million downloads in five weeks

Zorin OS 18 has surpassed one million downloads, with over 78% of these coming from Windows systems. The latest version features a redesigned interface that combines elements of Windows 11 and MacOS, introduces Windows-style window tiling, and allows web-app integration for services like Office 365 and Google Docs. It includes a "Search Everywhere" function in the Files app, RDP remote-login support, and improved Bluetooth audio through the PipeWire audio stack. Zorin OS 18 is a Long Term Support release, guaranteeing updates until 2029. The release coincides with the end of support for Windows 10, leading to increased interest in alternatives among Windows users.

Winsage

November 13, 2025

U.S. CISA adds WatchGuard Firebox, Microsoft Windows, and Gladinet Triofox flaws to its Known Exploited Vulnerabilities catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has expanded its Known Exploited Vulnerabilities (KEV) catalog to include critical flaws in WatchGuard Firebox, Microsoft Windows, and Gladinet Triofox. 1. WatchGuard Firebox Vulnerability (CVE-2025-9242): This vulnerability has a CVSS score of 9.3 and allows unauthenticated attackers to execute arbitrary code through an out-of-bounds write flaw. It affects Fireware OS versions 11.10.2 to 11.12.4_Update1, 12.0 to 12.11.3, and 2025.1. The vulnerability impacts the Mobile User VPN and Branch Office VPN configured with IKEv2. 2. Gladinet Triofox Vulnerability (CVE-2025-12480): This improper access control vulnerability allows threat actors to bypass authentication and upload remote access tools. It has been linked to threat cluster UNC6485 and is the third Triofox issue exploited this year, following CVE-2025-30406 and CVE-2025-11371. 3. Microsoft Windows Vulnerability (CVE-2025-62215): This race condition vulnerability has a CVSS score of 7 and allows an authorized attacker to elevate privileges locally, potentially gaining SYSTEM privileges. Federal agencies must address these vulnerabilities by December 3, 2025, as per Binding Operational Directive (BOD) 22-01. Private organizations are also advised to review the KEV catalog to strengthen their cybersecurity measures.