{"id":3144,"date":"2026-04-23T23:49:11","date_gmt":"2026-04-23T21:49:11","guid":{"rendered":"https:\/\/itsimple.info\/?p=3144"},"modified":"2026-04-23T23:49:12","modified_gmt":"2026-04-23T21:49:12","slug":"annoying-new-rdp-security-pop-up-in-windows-april-2026-how-to-bypass-it-safely","status":"publish","type":"post","link":"https:\/\/itsimple.info\/?p=3144","title":{"rendered":"Annoying New RDP Security Pop\u2011Up in Windows (April 2026) \u2013 How to Bypass It Safely"},"content":{"rendered":"\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h1 class=\"wp-block-heading\">Annoying New RDP Security Pop\u2011Up in Windows (April 2026) \u2013 How to Bypass It Safely<\/h1>\n\n\n\n<p>If you\u2019ve recently updated Windows 10 or Windows 11 and suddenly started seeing <strong>new \u201csecurity\u201d pop\u2011ups every time you connect via RDP<\/strong>, you\u2019re not alone.<\/p>\n\n\n\n<p>Starting with the <strong>April 2026 cumulative updates<\/strong>, Microsoft introduced new anti\u2011phishing protections for Remote Desktop connections. While the intention is good, the result for admins and power users is\u2026 <strong>annoying<\/strong>.<\/p>\n\n\n\n<p>This post explains:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>What changed<\/li>\n\n\n\n<li>Why it happens<\/li>\n\n\n\n<li><strong>Two real-world ways to avoid it<\/strong>\n<ul class=\"wp-block-list\">\n<li>Using MSTSC directly<\/li>\n\n\n\n<li>A registry\u2011based bypass (with caveats)<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">What Changed in April 2026?<\/h2>\n\n\n\n<p>Microsoft updated <code>mstsc.exe<\/code> to combat phishing attacks using malicious <code>.rdp<\/code> files (tracked as <strong>CVE\u20112026\u201126151<\/strong>).<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">The result:<\/h3>\n\n\n\n<p>When launching an <strong>RDP file<\/strong> (<code>.rdp<\/code>):<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>A warning dialog appears every time<\/li>\n\n\n\n<li>Clipboard, drives, printers, and devices are <strong>disabled by default<\/strong><\/li>\n\n\n\n<li>You must manually approve resource redirection on each connection<\/li>\n<\/ul>\n\n\n\n<p>Important:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u2705 This <strong>only affects <code>.rdp<\/code> files<\/strong><\/li>\n\n\n\n<li>\u2705 Manually starting RDP with <code>mstsc.exe<\/code> behaves normally<\/li>\n<\/ul>\n\n\n\n<p>Microsoft has <strong>removed the old \u201cDon\u2019t ask me again\u201d option<\/strong> for these dialogs.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">Option 1 (Recommended): Start RDP Manually with MSTSC<\/h2>\n\n\n\n<p>If you usually connect to servers using <strong>IP addresses<\/strong> (not FQDN), this is the <strong>cleanest solution<\/strong>.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">How to do it<\/h3>\n\n\n\n<ol class=\"wp-block-list\">\n<li>Press <strong>Win + R<\/strong><\/li>\n\n\n\n<li>Type: mstsc<\/li>\n\n\n\n<li>Enter the <strong>IP address<\/strong> of the server<\/li>\n\n\n\n<li>Connect<\/li>\n<\/ol>\n\n\n\n<h3 class=\"wp-block-heading\">Result<\/h3>\n\n\n\n<p>\u2705 No new security pop\u2011ups<br>\u2705 Clipboard and redirection behave normally<br>\u2705 Works exactly like before April 2026<\/p>\n\n\n\n<p>This is the <strong>best option for admins, jump hosts, and daily operational work<\/strong>.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">Option 2: Registry Bypass (Suppress the RDP Warning Dialog)<\/h2>\n\n\n\n<p>Microsoft doesn\u2019t document this officially, but <strong>it currently works<\/strong>.<\/p>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p>\u26a0\ufe0f <strong>Important:<\/strong> This disables part of Microsoft\u2019s new phishing protection.<br>Use it <strong>only on trusted admin machines<\/strong>, not end\u2011user laptops.<\/p>\n<\/blockquote>\n\n\n\n<h3 class=\"wp-block-heading\">Registry Key<\/h3>\n\n\n\n<p><strong>Path<\/strong><\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows NT\\Terminal Services\\Client\n<\/code><\/pre>\n\n\n\n<p><strong>Value<\/strong><\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>Name: RedirectionWarningDialogVersion\nType: REG_DWORD\nData: 1\n<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\">What this does<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Suppresses the new <strong>resource redirection warning dialog<\/strong><\/li>\n\n\n\n<li>Restores pre\u2011April\u20112026 RDP behavior<\/li>\n\n\n\n<li>Applies to <strong>all users on the machine<\/strong><\/li>\n\n\n\n<li>No reboot required<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">PowerShell (Run as Administrator)<\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code>New-Item -Path \"HKLM:\\Software\\Policies\\Microsoft\\Windows NT\\Terminal Services\\Client\" -Force | Out-Null; New-ItemProperty -Path \"HKLM:\\Software\\Policies\\Microsoft\\Windows NT\\Terminal Services\\Client\" -Name \"RedirectionWarningDialogVersion\" -PropertyType DWord -Value 1 -Force<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\">Notes<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u2705 GPO\u2011friendly (lives under <code>Policies<\/code>)<\/li>\n\n\n\n<li>\u2705 Works on Windows 10 &amp; 11 (as of April 2026)<\/li>\n\n\n\n<li>\u274c Not supported or guaranteed long\u2011term<\/li>\n\n\n\n<li>\u274c May be removed in future updates<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">What This Does <em>Not<\/em> Fix<\/h2>\n\n\n\n<p>This registry key:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u274c Does <strong>not<\/strong> fix certificate trust warnings<\/li>\n\n\n\n<li>\u274c Does <strong>not<\/strong> sign <code>.rdp<\/code> files<\/li>\n\n\n\n<li>\u274c Does <strong>not<\/strong> affect manual MSTSC connections (they already work)<\/li>\n<\/ul>\n\n\n\n<p>For certificate warnings:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Use proper RDP certificates<\/li>\n\n\n\n<li>Or connect using a hostname that matches the certificate<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">Which Option Should You Use?<\/h2>\n\n\n\n<figure class=\"wp-block-table\"><table class=\"has-fixed-layout\"><thead><tr><th>Scenario<\/th><th>Recommendation<\/th><\/tr><\/thead><tbody><tr><td>Admin connecting to servers<\/td><td><strong>Use MSTSC directly<\/strong> \u2705<\/td><\/tr><tr><td>Jump server \/ bastion host<\/td><td>Registry bypass \u2705<\/td><\/tr><tr><td>End\u2011users opening <code>.rdp<\/code> files<\/td><td><strong>Do NOT bypass<\/strong> \ud83d\udeab<\/td><\/tr><tr><td>Security\u2011sensitive environments<\/td><td>Educate users \u2705<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">Final Thoughts<\/h2>\n\n\n\n<p>Microsoft is clearly pushing users away from blindly opening <code>.rdp<\/code> files \u2014 and from a security perspective, they\u2019re not wrong.<\/p>\n\n\n\n<p>But for <strong>admins who know exactly where they\u2019re connecting<\/strong>, the new behavior is unnecessary friction.<\/p>\n\n\n\n<p><strong>Best practice today:<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Use <code>mstsc<\/code> directly<\/li>\n\n\n\n<li>Reserve the registry bypass for trusted admin machines<\/li>\n\n\n\n<li>Avoid <code>.rdp<\/code> files unless you really need them<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Annoying New RDP Security Pop\u2011Up in Windows (April 2026) \u2013 How to Bypass It Safely If you\u2019ve recently updated Windows 10 or Windows 11 and suddenly started seeing new \u201csecurity\u201d pop\u2011ups every time you connect via RDP, you\u2019re not alone. Starting with the April 2026 cumulative updates, Microsoft introduced new anti\u2011phishing protections for Remote Desktop [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[22,12,14,15],"tags":[],"class_list":["post-3144","post","type-post","status-publish","format-standard","hentry","category-security","category-tutorials","category-windows","category-windows-server"],"_links":{"self":[{"href":"https:\/\/itsimple.info\/index.php?rest_route=\/wp\/v2\/posts\/3144","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/itsimple.info\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/itsimple.info\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/itsimple.info\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/itsimple.info\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=3144"}],"version-history":[{"count":1,"href":"https:\/\/itsimple.info\/index.php?rest_route=\/wp\/v2\/posts\/3144\/revisions"}],"predecessor-version":[{"id":3145,"href":"https:\/\/itsimple.info\/index.php?rest_route=\/wp\/v2\/posts\/3144\/revisions\/3145"}],"wp:attachment":[{"href":"https:\/\/itsimple.info\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=3144"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/itsimple.info\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=3144"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/itsimple.info\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=3144"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}