Microsoft Confirms Remote Desktop Warnings May Display Incorrectly After April Update

HomeCyber Security Microsoft Confirms Remote Desktop Warnings May Display Incorrectly After April Update By Guru Baran April 28, 2026 Microsoft has officially acknowledged a known issue in its April 2026 Windows 11 cumulative update: Remote Desktop Protocol (RDP) security warning dialogs may render incorrectly on certain system configurations, a significant usability concern given that the warnings are designed to protect users from active phishing threats. The bug was introduced alongside the April 14, 2026, Patch Tuesday security update, specifically KB5083769 for Windows 11 versions 25H2 and 24H2, and KB5083768 for Windows 11 version 26H1. These updates introduced new RDP security warnings as part of Microsoft’s broader effort to combat CVE-2026-26151, a Remote Desktop spoofing vulnerability that had been actively exploited in the wild. The intent was to display a clear, detailed warning dialog before any RDP connection is made, showing publisher verification status, the remote computer’s address, and available local resource access options. However, users quickly began reporting rendering failures with the new dialog, prompting Microsoft to add it as a formal known issue on April 23, 2026, before issuing a correction to the documentation on April 27, 2026. Remote Desktop Warnings Incorrect According to Microsoft’s support documentation, the issue specifically manifests on multi-monitor systems with different display scaling settings. For example, if one monitor is set to 100% scaling and a second to 125%, the RDP warning window may render with overlapping text or partially hidden buttons, making the critical security prompt difficult or impossible to read and interact with. New Microsoft RDP Warning (Source: Microsoft) This is particularly problematic because the warning dialog is precisely the trust checkpoint users must review before allowing a remote machine access to local resources such as clipboards, smart cards, printers, and cameras. The underlying RDP warnings were introduced to counter weaponized .rdp file-based phishing campaigns, where threat actors distribute malicious RDP configuration files to silently hijack credentials or redirect sensitive local resources. The April 2026 updates also made local resource redirection disabled by default for pre-configured RDP files, requiring explicit user acknowledgment on each connection. Microsoft has indicated a permanent fix will be delivered in a future cumulative update, and enterprise administrators are advised to monitor mixed-DPI workstations closely in the interim. Follow us on Google News, LinkedIn, and X for daily cybersecurity updates. Contact us to feature your stories. Copy URL Linkedin Twitter ReddIt Telegram Guru Baranhttps://cybersecuritynews.com Gurubaran KS is a cybersecurity analyst, and Journalist with a strong focus on emerging threats and digital defense strategies. He is the Co-Founder and Editor-in-Chief of Cyber Security News, where he leads editorial coverage on global cybersecurity developments. Trending News Checkmarx Confirms GitHub Repository Data Published on Dark Web Xiongmai IP Camera Vulnerability Let Attackers Bypass Authentication and have Remote Access ADT Confirms Data Breach Following ShinyHunters Data Leak Claim Bitwarden CLI Compromised in Supply Chain Attack via GitHub Actions Cybercriminals Exploit French Fintech Accounts to Move Stolen Money Before Detection Latest News Cyber Security News Critical LiteLLM SQL Injection Vulnerability Exploited in the Wild Cyber Security News Chinese Silk Typhoon Hacker Extradited to the U.S. from Italy cloud WhatsApp Testing Own Cloud Backup Provider for Default End-to-End Encryption Cyber Security News New Windows 0-Click Vulnerability Exploited to Bypass Defender SmartScreen Cyber Security News New Silver Fox Campaign Uses Fake Tax Audit Alerts and Software Updates to Deliver Malware