Microsoft fixes Remote Desktop warnings displaying incorrectly

Microsoft fixes Remote Desktop warnings displaying incorrectly By Sergiu Gatlan May 1, 2026 08:46 AM 2 Microsoft has fixed a known issue causing newly introduced Windows security warnings to display incorrectly when opening Remote Desktop (.rdp) files. This known issue affects all supported Windows versions, including Windows 11 (KB5083768 & KB5083769), Windows 10 (KB5082200), and Windows Server (KB5082063), on devices with multiple monitors and different display scaling settings. Microsoft addressed the bug in the optional KB5083631 preview cumulative update for Windows 11, released on Thursday, along with 34 other changes. "This update addresses an issue that affects the Remote Desktop Connection security warning dialog. The dialog could render incorrectly in multi-monitor scenario when the monitors had different scaling set," Microsoft said. "This might occur after installing the April 2026 (KB5083769) security update." As Microsoft explained when it acknowledged the bug on Wednesday, the security warnings appearing when opening RDP files may not display correctly. On affected Windows systems, the buttons in the alert windows are misaligned or partially hidden, and the text is hard to read, making it difficult, and in some cases impossible, to interact with the security dialog. These warnings were introduced on Windows systems with the April 2026 cumulative updates to disable risky shared resources by default as a defense against phishing attacks that abuse Remote Desktop connection (.rdp) files. Remote Desktop Connection security warning (Microsoft) ​RDP files are commonly used to connect to remote systems in enterprise environments because they can be preconfigured to automatically redirect local resources to a remote host. However, threat actors have also increasingly abused them in phishing campaigns, including the Russian APT29 cyber-espionage group, which has used them to steal documents and credentials from victims' devices remotely. After installing the April security updates, a one-time educational prompt will appear when opening an RDP file for the first time, warning about the associated risks. Afterward, a security dialog is displayed before any connection is made when opening RDP files, showing whether the file is signed by a verified publisher, the remote system's address, and all local resource redirections (including drives, clipboard, or devices), with every option disabled by default. If RDP files are not digitally signed, Windows displays a "Caution: Unknown remote connection" warning, with the publisher labeled as unknown. However, if they are digitally signed, Windows will warn users to verify their legitimacy before connecting. According to user reports, the KB5083769 security update also breaks third-party backup apps from multiple vendors on Windows 11 24H2 / 25H2 systems due to a VSS (Volume Shadow Copy Service) timeout. Last month, Microsoft also released out-of-band (OOB) updates to fix multiple Windows Server issues that caused restart loops and update installation failures after installing the April 2026 security updates. 99% of What Mythos Found Is Still Unpatched. AI chained four zero-days into one exploit that bypassed both renderer and OS sandboxes. A wave of new exploits is coming. At the Autonomous Validation Summit (May 12 & 14), see how autonomous, context-rich validation finds what's exploitable, proves controls hold, and closes the remediation loop. Claim Your Spot Related Articles: Microsoft: New Remote Desktop warnings may display incorrectly Microsoft adds Windows protections for malicious Remote Desktop files April KB5083769 Windows 11 update causes backup software failures Recently leaked Windows zero-days now exploited in attacks Microsoft: April updates trigger BitLocker key prompts on some servers