Security News > 2022 > July > Microsoft Adds Default Protection Against RDP Brute-Force Attacks in Windows 11

Microsoft is now taking steps to prevent Remote Desktop Protocol brute-force attacks as part of the latest builds for the Windows 11 operating system in an attempt to raise the security baseline to meet the evolving threat landscape.

"Win11 builds now have a DEFAULT account lockout policy to mitigate RDP and other brute-force password vectors," David Weston, Microsoft's vice president for OS security and enterprise, said in a series of tweets last week.

The feature, which follows the company's decision to resume blocking of Visual Basic Application macros for Office documents, is also expected to be backported to older versions of Windows and Windows Server.

Aside from malicious macros, brute-forced RDP access has long been one of the most popular methods used by threat actors to gain unauthorized access to Windows systems.

"Brute-forcing RDP is the most common method used by threat actors attempting to gain access to Windows systems and execute malware, '' Zscaler noted last year."

"A malicious user could programmatically attempt a series of password attacks against all users in the organization," the company notes.

News URL

https://thehackernews.com/2022/07/microsoft-adds-default-protection.html