All Windows versions can now block admin brute-force attacks (Security News, October 2022)
Microsoft announced today that IT admins can now configure any Windows system still receiving security updates to automatically block brute force attacks targeting local administrator accounts via a group policy.
"Win11 builds now have a DEFAULT account lockout policy to mitigate RDP and other brute force password vectors," he tweeted on July 21st. "This technique is very commonly used in Human Operated Ransomware and other attacks - this control will make brute forcing much harder which is awesome!"
"In an effort to prevent further brute force attacks/attempts, we are implementing account lockouts for Administrator accounts," Microsoft said today.
"Beginning with the October 11, 2022 or later Windows cumulative updates, a local policy will be available to enable local administrator account lockouts."
Admins who want to toggle on this additional defense against brute force attacks can find the "Allow Administrator account lockout" policy under Local Computer Policy \ Computer Configuration \ Windows Settings \ Security Settings \ Account Policies \ Account Lockout Policies.
This group policy will be enabled by default on all new machines running Windows 11 22H2, and on machines where the October 2022 Windows cumulative updates were installed before initial setup, that is, before the Security Account Manager (SAM) database that stores the users' passwords is first instantiated on the new machine.
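As an added example (not from the article or from Microsoft), the following elevated PowerShell script audits whether the lockout settings the new policy depends on are actually in force on a machine, and then counts recent failed logons against the built-in Administrator so an admin can see brute-force pressure even where lockout is still disabled. The INF key name `AllowAdministratorLockout` is an assumption about how `secedit` exports the new setting; the other three keys are the long-standing lockout keys.

```powershell
# Added example, not the article's own code. Run in an elevated PowerShell session.
# 1) Export the local security policy and parse the [System Access] section.
$inf = Join-Path $env:TEMP 'secpol-audit.inf'
secedit /export /cfg $inf /areas SECURITYPOLICY | Out-Null
$policy = @{}
$inSection = $false
foreach ($line in Get-Content $inf) {
    if ($line -match '^\[(.+)\]$') { $inSection = ($Matches[1] -eq 'System Access'); continue }
    if ($inSection -and $line -match '^(\w+)\s*=\s*(.+)$') { $policy[$Matches[1]] = $Matches[2].Trim() }
}
Remove-Item $inf -Force

function Get-PolicyInt($name) { if ($policy.ContainsKey($name)) { [int]$policy[$name] } else { -1 } }
$threshold = Get-PolicyInt 'LockoutBadCount'          # 0 = never lock out
$duration  = Get-PolicyInt 'LockoutDuration'          # minutes
$window    = Get-PolicyInt 'ResetLockoutCount'        # minutes
$adminLock = Get-PolicyInt 'AllowAdministratorLockout' # ASSUMED key name; -1 = not present

"Lockout threshold          : $threshold (0 = disabled)"
"Lockout duration (min)     : $duration"
"Reset counter after (min)  : $window"
"Allow Administrator lockout: $(if ($adminLock -eq 1) {'enabled'} elseif ($adminLock -eq 0) {'disabled'} else {'not present (pre-October 2022 build, or key name differs)'})"
if ($threshold -le 0) { Write-Warning 'Lockout threshold is 0: repeated bad passwords are never blocked.' }
if ($adminLock -ne 1) { Write-Warning 'Built-in Administrator is exempt from lockout on this machine.' }

# 2) Detection side: failed logons (Event ID 4625) naming the built-in Administrator in the
#    last 24 hours, grouped by source address, flagged when they reach the lockout threshold.
$since = (Get-Date).AddHours(-24)
Get-WinEvent -FilterHashtable @{ LogName = 'Security'; Id = 4625; StartTime = $since } -ErrorAction SilentlyContinue |
    ForEach-Object {
        $x = [xml]$_.ToXml()
        $d = @{}
        foreach ($n in $x.Event.EventData.Data) { $d[$n.Name] = $n.'#text' }
        [pscustomobject]@{ Account = $d['TargetUserName']; Source = $d['IpAddress']; LogonType = $d['LogonType'] }
    } |
    Where-Object { $_.Account -eq 'Administrator' } |
    Group-Object Source | Sort-Object Count -Descending |
    ForEach-Object {
        $flag = if ($threshold -gt 0 -and $_.Count -ge $threshold) { ' <- at/over lockout threshold' } else { '' }
        '{0,5} failed Administrator logons from {1}{2}' -f $_.Count, $_.Name, $flag
    }
```

Event 4625 is only written when failure auditing for Logon events is enabled, so an empty second section may mean "no auditing" rather than "no attempts".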