Microsoft has successfully resolved a significant issue that affected the display of newly introduced security warnings when opening Remote Desktop (.rdp) files. This problem was prevalent across all supported Windows versions, including Windows 11 (KB5083768 & KB5083769), Windows 10 (KB5082200), and Windows Server (KB5082063), particularly on devices utilizing multiple monitors with varying display scaling settings.
Details of the Update
The company addressed this bug in the optional KB5083631 preview cumulative update for Windows 11, which was released on Thursday, alongside 34 additional changes. Microsoft stated, “This update addresses an issue that affects the Remote Desktop Connection security warning dialog. The dialog could render incorrectly in a multi-monitor scenario when the monitors had different scaling set.” This issue surfaced following the installation of the April 2026 (KB5083769) security update.
As previously acknowledged by Microsoft, the security warnings displayed when opening RDP files were not rendering correctly on affected systems. Users reported that buttons within the alert windows were misaligned or partially obscured, and the text was challenging to read. This made it difficult, and in some cases impossible, to interact with the security dialog effectively.
These warnings were introduced with the April 2026 cumulative updates to enhance security by disabling potentially risky shared resources by default, thereby providing a robust defense against phishing attacks that exploit Remote Desktop connection (.rdp) files.
RDP files are widely utilized in enterprise environments for connecting to remote systems, as they can be preconfigured to automatically redirect local resources to a remote host. However, their convenience has also made them a target for threat actors, including the notorious Russian APT29 cyber-espionage group, which has leveraged these files to remotely steal documents and credentials from victims’ devices.
Following the installation of the April security updates, users will encounter a one-time educational prompt when opening an RDP file for the first time, highlighting the associated risks. Subsequently, a security dialog will appear prior to any connection, detailing whether the file is signed by a verified publisher, the address of the remote system, and all local resource redirections (such as drives, clipboard, or devices), with every option disabled by default.
If RDP files lack digital signatures, Windows will display a “Caution: Unknown remote connection” warning, indicating that the publisher is unknown. Conversely, if the files are digitally signed, users will be prompted to verify their legitimacy before proceeding with the connection.
However, user reports indicate that the KB5083769 security update has also caused issues with third-party backup applications from various vendors on Windows 11 24H2 / 25H2 systems, due to a timeout in the Volume Shadow Copy Service (VSS).
In addition, last month, Microsoft released out-of-band updates to address multiple issues within Windows Server that resulted in restart loops and failures during update installations after applying the April 2026 security updates.
