Annoying New RDP Security Pop‑Up in Windows (April 2026) – How to Bypass It Safely

0 Security, Tutorials, Windows, Windows server,

Annoying New RDP Security Pop‑Up in Windows (April 2026) – How to Bypass It Safely

If you’ve recently updated Windows 10 or Windows 11 and suddenly started seeing new “security” pop‑ups every time you connect via RDP, you’re not alone.

Starting with the April 2026 cumulative updates, Microsoft introduced new anti‑phishing protections for Remote Desktop connections. While the intention is good, the result for admins and power users is… annoying.

This post explains:

  • What changed
  • Why it happens
  • Two real-world ways to avoid it
    • Using MSTSC directly
    • A registry‑based bypass (with caveats)

What Changed in April 2026?

Microsoft updated mstsc.exe to combat phishing attacks using malicious .rdp files (tracked as CVE‑2026‑26151).

The result:

When launching an RDP file (.rdp):

  • A warning dialog appears every time
  • Clipboard, drives, printers, and devices are disabled by default
  • You must manually approve resource redirection on each connection

Important:

  • ✅ This only affects .rdp files
  • ✅ Manually starting RDP with mstsc.exe behaves normally

Microsoft has removed the old “Don’t ask me again” option for these dialogs.

Option 1 (Recommended): Start RDP Manually with MSTSC

If you usually connect to servers using IP addresses (not FQDN), this is the cleanest solution.

How to do it

  1. Press Win + R
  2. Type: mstsc
  3. Enter the IP address of the server
  4. Connect

Result

✅ No new security pop‑ups
✅ Clipboard and redirection behave normally
✅ Works exactly like before April 2026

This is the best option for admins, jump hosts, and daily operational work.

Option 2: Registry Bypass (Suppress the RDP Warning Dialog)

Microsoft doesn’t document this officially, but it currently works.

⚠️ Important: This disables part of Microsoft’s new phishing protection.
Use it only on trusted admin machines, not end‑user laptops.

Registry Key

Path

HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\Terminal Services\Client

Value

Name: RedirectionWarningDialogVersion
Type: REG_DWORD
Data: 1

What this does

  • Suppresses the new resource redirection warning dialog
  • Restores pre‑April‑2026 RDP behavior
  • Applies to all users on the machine
  • No reboot required

PowerShell (Run as Administrator)

New-Item -Path "HKLM:\Software\Policies\Microsoft\Windows NT\Terminal Services\Client" -Force | Out-Null; New-ItemProperty -Path "HKLM:\Software\Policies\Microsoft\Windows NT\Terminal Services\Client" -Name "RedirectionWarningDialogVersion" -PropertyType DWord -Value 1 -Force

Notes

  • ✅ GPO‑friendly (lives under Policies)
  • ✅ Works on Windows 10 & 11 (as of April 2026)
  • ❌ Not supported or guaranteed long‑term
  • ❌ May be removed in future updates

What This Does Not Fix

This registry key:

  • ❌ Does not fix certificate trust warnings
  • ❌ Does not sign .rdp files
  • ❌ Does not affect manual MSTSC connections (they already work)

For certificate warnings:

  • Use proper RDP certificates
  • Or connect using a hostname that matches the certificate

Which Option Should You Use?

ScenarioRecommendation
Admin connecting to serversUse MSTSC directly
Jump server / bastion hostRegistry bypass ✅
End‑users opening .rdp filesDo NOT bypass 🚫
Security‑sensitive environmentsEducate users ✅

Final Thoughts

Microsoft is clearly pushing users away from blindly opening .rdp files — and from a security perspective, they’re not wrong.

But for admins who know exactly where they’re connecting, the new behavior is unnecessary friction.

Best practice today:

  • Use mstsc directly
  • Reserve the registry bypass for trusted admin machines
  • Avoid .rdp files unless you really need them

Leave a Reply

Your email address will not be published. Required fields are marked *