MC1279831: Remote Desktop adds new safeguards for connections opened from RDP files
Starting with the April 2026 Windows security update, Remote Desktop adds new safeguards to help reduce phishing attacks that misuse Remote Desktop (.rdp) files. These attacks attempt to trick devices into connecting to attacker‑controlled systems and sharing local resources without clear visibility. To address this, a new security dialog appears before any connection is made, showing the remote computer address, publisher information (when available), and any requested access to local resources. All requested settings are disabled by default and must be explicitly enabled. A one‑time security warning also appears the first time an RDP file is opened.When will this happen:This change takes effect with the April 2026 Windows security update.How this will affect your organization:Devices that open Remote Desktop (.rdp) files will see a new security dialog before a connection is established. The dialog shows the remote computer address, publisher information (when available), and any requested access to local device resources. All requested settings are turned off by default and must be explicitly enabled. In addition, a one‑time security warning appears the first time an RDP file is opened on a device after installing the update. This experience is intended to make potentially risky connections more visible and intentional. Connections that are started manually by entering a computer name directly in the Remote Desktop app are not affected.Note: On devices running Windows Server 2012 and Windows Server 2012 R2, the new dialog text is displayed in English only and is not localized. This does not affect functionality.What you need to do to prepare:Review any workflows, scripts, or automation that rely on launching Remote Desktop sessions by opening RDP files. Automated scenarios that previously launched connections without user interaction may require updates.Organizations that develop or use software built on Remote Desktop client components, including custom Remote Desktop clients, should review how those applications handle RDP file–based connections. Administrator and developer options are available for scenarios that require temporary compatibility adjustments, but doing so bypasses the enhanced security provided by this update and should be evaluated carefully.IT admins and support teams should be aware of the new dialogs so they can help explain the change if questions arise.Additional information