To enter a Windows PC remotely, two main methods are used. Usage already compromised, which are available in the vast free or paid or the so-called brute force attack, which generates until you find the right sesame. But in almost all cases, the weak link that allows you to use one of these two methods on a remote computer remains .
To block, or rather mitigate the scope of, brute force attacks via RDP, Microsoft has just responded and is making available a security update for Windows 11. The idea is simply to lock user accounts out completely for about ten minutes in case of re-access via access to that is, when attackers use the famous RDP protocol.
@windowsinsider Win11 builds now have a DEFAULT account lockout policy to brute force RDP and other password vectors. This method is very commonly used in human-controlled ransomware and other attacks – this control method will make it much harder to brute-force, which is great! pic.twitter.com/ZluT1cQQh0
— David Weston (DWIZZZLE) (@dwizzzleMSFT) July 20, 2022
David Weston, VP of security at Microsoft, announced the activation of the default lock feature on his Twitter account. © Twitter
Increase attack time to obstruct
The accounts affected by this automatic lock are not only the most sensitive ones, i.e. administrator accounts, but also restricted user accounts. After ten minutes of blocking, if ten more attempts are made, the account is blocked again for ten minutes. It is through this process that brute force attacks are targeted. These temporary account lockouts do nothing to prevent an attack in, but they do limit such attacks, because the attacks then take much longer to carry out against the account. The update is currently only available to recipients . It should also be distributed for Windows 10. Although this update adds the lock by default, it is in fact already possible to activate the feature through the Windows 10 and 11 registry.
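How much the lock described above stretches out an online guessing run, as an added example (not code from the article or from Microsoft): a small Python model of the ten-attempt, ten-minute lockout. The counter-reset window, the one-attempt-per-second pace and all class and function names are assumptions made for the illustration.

```python
from dataclasses import dataclass

@dataclass
class LockoutPolicy:
    threshold: int = 10    # failed logons before lockout (article); 0 = never lock
    duration_s: int = 600  # lockout length: ten minutes (article)
    window_s: int = 600    # counter-reset window: assumed, not stated in the article

class Account:
    """Failed-logon state of one account under a LockoutPolicy."""
    def __init__(self, policy):
        self.policy = policy
        self.failures = 0
        self.last_failure = None
        self.locked_until = 0

    def failed_logon(self, now):
        """Record a wrong-password logon at `now` (seconds). Returns True if the
        password was actually checked, False if the locked account rejected it."""
        if now < self.locked_until:
            return False
        p = self.policy
        if self.last_failure is not None and now - self.last_failure >= p.window_s:
            self.failures = 0                      # quiet period elapsed: counter resets
        self.failures += 1
        self.last_failure = now
        if p.threshold and self.failures >= p.threshold:
            self.locked_until = now + p.duration_s  # lock, then start counting afresh
            self.failures = 0
        return True

def guesses_checked(policy, attempt_times):
    """How many of the wrong passwords sent at attempt_times were really checked."""
    acct = Account(policy)
    return sum(acct.failed_logon(t) for t in attempt_times)

def seconds_to_check(policy, n_guesses, interval_s=1):
    """Time until the n-th wrong password has been checked, one attempt per interval_s."""
    acct, checked, t = Account(policy), 0, 0
    while True:
        if acct.failed_logon(t):
            checked += 1
            if checked == n_guesses:
                return t
        t += interval_s

if __name__ == "__main__":
    day = range(86_400)  # constructed input: one wrong password per second for 24 h
    print("checked in 24 h, no lockout:", guesses_checked(LockoutPolicy(threshold=0), day))
    print("checked in 24 h, 10/10 lock:", guesses_checked(LockoutPolicy(), day))
    print("hours for 10,000 guesses   :", seconds_to_check(LockoutPolicy(), 10_000) / 3600)
```

Under these assumptions the lock cuts a day of continuous guessing from 86,400 checked passwords to 1,420, and a 10,000-entry list that would take under three hours needs about a week.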