Microsoft fixes Remote Desktop warnings displaying incorrectly
Phong Xuan
Microsoft has fixed a known issue causing newly introduced Windows security warnings to display incorrectly when opening Remote Desktop (.rdp) files.
This known issue affects all supported Windows versions, including Windows 11 ( & ), Windows 10 (), and Windows Server (), on devices with multiple monitors and different display scaling settings.
Microsoft addressed the bug in the optional preview cumulative update for Windows 11, , along with 34 other changes.
"This update addresses an issue that affects the Remote Desktop Connection security warning dialog. The dialog could render incorrectly in multi-monitor scenario when the monitors had different scaling set," . "This might occur after installing the April 2026 (KB5083769) security update."
As Microsoft explained on Wednesday, the security warnings appearing when opening RDP files may not display correctly. On affected Windows systems, the buttons in the alert windows are misaligned or partially hidden, and the text is hard to read, making it difficult, and in some cases impossible, to interact with the security dialog.
These warnings were introduced on Windows systems with the to disable risky shared resources by default as a defense against phishing attacks that abuse Remote Desktop connection (.rdp) files.
Remote Desktop Connection security warning (Microsoft)
RDP files are commonly used to connect to remote systems in enterprise environments because they can be preconfigured to automatically redirect local resources to a remote host. However, threat actors have also increasingly abused them in phishing campaigns, including the Russian APT29 cyber-espionage group, which has to steal documents and credentials from victims' devices remotely.
After installing the April security updates, a one-time educational prompt will appear when opening an RDP file for the first time, warning about the associated risks.
Afterward, a security dialog is displayed before any connection is made when opening RDP files, showing whether the file is signed by a verified publisher, the remote system's address, and all local resource redirections (including drives, clipboard, or devices), with every option disabled by default.
If RDP files are not digitally signed, Windows displays a "Caution: Unknown remote connection" warning, with the publisher labeled as unknown. However, if they are digitally signed, Windows will warn users to verify their legitimacy before connecting.
According to user reports, the KB5083769 security update from multiple vendors on Windows 11 24H2 / 25H2 systems due to a VSS (Volume Shadow Copy Service) timeout.
Last month, Microsoft also to fix multiple Windows Server issues that caused and after installing the April 2026 security updates.
AI chained four zero-days into one exploit that bypassed both renderer and OS sandboxes. A wave of new exploits is coming.
At the Autonomous Validation Summit (May 12 & 14), see how autonomous, context-rich validation finds what's exploitable, proves controls hold, and closes the remediation loop.
