Microsoft has acknowledged a newly identified issue affecting the display of security warnings when users attempt to open Remote Desktop (.rdp) files. This problem is present across all supported versions of Windows, including Windows 11 (KB5083768 & KB5083769), Windows 10 (KB5082200), and Windows Server (KB5082063).
Details of the Display Issue
According to Microsoft, the security warning that should appear during the opening of Remote Desktop files may not render correctly in certain situations. Users on affected systems have reported that the text within the warning windows is challenging to read, and buttons are misaligned, complicating interactions with the security dialog.
The company elaborates that this issue often arises when multiple monitors with different display scaling settings are in use. For instance, if one monitor is set to 100% and another to 125%, the resulting warning window may exhibit overlapping text or partially obscured buttons, rendering the message difficult to comprehend or engage with.
Background on Security Enhancements
This recent update is part of Microsoft’s ongoing efforts to bolster security measures within Windows systems. The new protections were introduced with the April 2026 cumulative updates, aimed at mitigating the risks associated with malicious RDP connection files.
Upon the installation of the April 2026 security update, users are greeted with a one-time educational prompt the first time they open an RDP file, outlining potential risks. Subsequent attempts to open RDP files trigger a security dialog that provides critical information, including whether the file is signed by a verified publisher, the address of the remote system, and a comprehensive list of all local resource redirections—such as drives, clipboard, or devices—with all options disabled by default.
In cases where RDP files lack digital signatures, Windows presents a “Caution: Unknown remote connection” warning, indicating that the publisher is unverified. Conversely, if the files are digitally signed, Windows displays the publisher’s information while also advising users to confirm their legitimacy before proceeding with the connection.
Usage and Security Concerns
RDP files are widely utilized in enterprise environments, allowing administrators to preconfigure connections that automatically redirect local resources to remote hosts. However, the rise in phishing campaigns exploiting RDP files has raised significant security concerns. Notably, the Russian state-sponsored APT29 hacking group has previously leveraged these files to remotely steal credentials and sensitive documents from victims’ devices.
