Menu

Blog

Jul 26, 2022

Microsoft Adds Default Protection Against RDP Brute-Force Attacks in Windows 11

Posted by in categories: cybercrime/malcode, policy

Microsoft is now taking steps to prevent Remote Desktop Protocol (RDP) brute-force attacks as part of the latest builds for the Windows 11 operating system in an attempt to raise the security baseline to meet the evolving threat landscape.

To that end, the default policy for Windows 11 builds – particularly, Insider Preview builds 22528.1000 and newer – will automatically lock accounts for 10 minutes after 10 invalid sign-in attempts.

“Win11 builds now have a DEFAULT account lockout policy to mitigate RDP and other brute-force password vectors,” David Weston, Microsoft’s vice president for OS security and enterprise, said in a series of tweets last week. “This technique is very commonly used in Human Operated Ransomware and other attacks — this control will make brute forcing much harder which is awesome!”

Leave a reply