Security News > 2022 > July > Microsoft adds default protection against RDP brute-force attacks

"Win11 builds now have a DEFAULT account lockout policy to mitigate RDP and other brute force password vectors," David Weston of Enterprise and OS Security at Microsoft, announced, just as the company confirmed that it will resume the rollout of the default blocking of VBA macros obtained from the internet.

Brute-forced RDP access and malicious macros have for a long time been two of the most popular tactics used by threat actors to gain unauthorized access to Windows systems.

The Windows Account Lockout Policy allows enterprise network admins to set a lockout threshold - a specific number of failed logon attempts - after which a user account will be locked.

The default blocking of VBA macros rollout continues.

In February 2022, Microsoft announced the default blocking of VBA macros obtained from the internet for five Office apps that run macros.

"If you ever enabled or disabled the Block macros from running in Office files from the Internet policy, your organization will not be affected by this change," she added.

News URL

https://www.helpnetsecurity.com/2022/07/21/microsoft-protection-rdp-brute-force-attacks/