Microsoft RDP file security guidance
Advisory/Mitigation
Summary
Hide ▲
Show ▼
Microsoft issued RDP mitigation guidance that restricts which .rdp files users can open and recommends migrating trusted publishers to SHA-256 thumbprints, reducing phishing risk for Remote Desktop users.
Related Happenings
Microsoft Windows 10 KB5099539 extended security update
Security Patch Release
H score16
First: 14.07.2026 21:49
Last: 14.07.2026 21:49
Sources 1
How related:
Microsoft has released the Windows 10 KB5099539 extended security update, which includes the July 2026 Patch Tuesday security updates for 570 vulnerabilities, along with additional security fixes.
About this happening:
**Microsoft** released **Windows 10 KB5099539**, a security update bundle for **Windows 10 ESU** that rolls in **July 2026 Patch Tuesday** fixes for **570 vulnerabilities**. The p...
Microsoft Windows 10 KB5099539 extended security update
Security Patch ReleaseHow related: Microsoft has released the Windows 10 KB5099539 extended security update, which includes the July 2026 Patch Tuesday security updates for 570 vulnerabilities, along with additional security fixes.
About this happening: **Microsoft** released **Windows 10 KB5099539**, a security update bundle for **Windows 10 ESU** that rolls in **July 2026 Patch Tuesday** fixes for **570 vulnerabilities**. The p...
Windows Collaborative Translation Framework CTFMON improper link resolution EoP security flaw (CVE-2026-45586)
Vulnerability
H score20
First: 09.06.2026 20:57
Last: 09.06.2026 20:57
Sources 1
About this happening:
**Windows Collaborative Translation Framework (CTFMON)** has a **local privilege-escalation vulnerability**, **CVE-2026-45586**, that Microsoft patched in **June 2026**. An author...
Windows Collaborative Translation Framework CTFMON improper link resolution EoP security flaw (CVE-2026-45586)
VulnerabilityAbout this happening: **Windows Collaborative Translation Framework (CTFMON)** has a **local privilege-escalation vulnerability**, **CVE-2026-45586**, that Microsoft patched in **June 2026**. An author...
Windows BitLocker YellowKey mitigation guidance (CVE-2026-45585)
Advisory/Mitigation
H score32
First: 20.05.2026 10:31
Last: 20.05.2026 10:31
Sources 1
About this happening:
**Windows BitLocker** **YellowKey** (**CVE-2026-45585**) moved from interim mitigation to patch status after **Microsoft** fixed it in **June 2026 Patch Tuesday**. The **Windows R...
Windows BitLocker YellowKey mitigation guidance (CVE-2026-45585)
Advisory/MitigationAbout this happening: **Windows BitLocker** **YellowKey** (**CVE-2026-45585**) moved from interim mitigation to patch status after **Microsoft** fixed it in **June 2026 Patch Tuesday**. The **Windows R...
Latest development: 10.06.2026 12:57
On Tuesday, Microsoft fixed YellowKey (CVE-2026-45585) as part of its June 2026 Patch Tuesday updates and shared mitigation measures for the Windows Recovery Environment backdoor. The flaw affects unpatched Windows 11 and Windows Server 2022/2025 systems and can let attackers with physical access bypass BitLocker protection on targeted devices.
KongTuke Microsoft Teams initial access campaign
Campaign
H score42
First: 14.05.2026 15:12
Last: 14.05.2026 15:12
Sources 1
About this happening:
The **KongTuke** campaign now uses **Microsoft Teams** social engineering to gain persistent access to **corporate networks**, shortening initial compromise to **under five minute...
KongTuke Microsoft Teams initial access campaign
CampaignAbout this happening: The **KongTuke** campaign now uses **Microsoft Teams** social engineering to gain persistent access to **corporate networks**, shortening initial compromise to **under five minute...
MuddyWater Microsoft Teams social-engineering campaign with Chaos ransomware decoy
Campaign
H score37
First: 06.05.2026 16:02
Last: 06.05.2026 16:02
Sources 1
About this happening:
The **MuddyWater** campaign used **Microsoft Teams** social engineering and a **Chaos ransomware** decoy to gain access, steal credentials, and establish persistence. The operatio...
MuddyWater Microsoft Teams social-engineering campaign with Chaos ransomware decoy
CampaignAbout this happening: The **MuddyWater** campaign used **Microsoft Teams** social engineering and a **Chaos ransomware** decoy to gain access, steal credentials, and establish persistence. The operatio...
Timeline
-
14.07.2026 21:49 2 articles · 1h ago
Microsoft issues Group Policy guidance to restrict .rdp file access
Mitigation Patch UpdateMicrosoft issued guidance for managing RDP file security through Group Policy, telling administrators to control which .rdp files users can open to reduce phishing risk and to migrate trusted RDP publishers to SHA-256 thumbprints or a stronger algorithm before SHA-1 support is removed.
Show sources
- Microsoft releases Windows 10 KB5099539 extended security update — www.bleepingcomputer.com — 14.07.2026 21:49
- Microsoft releases Windows 10 KB5099539 extended security update — www.bleepingcomputer.com — 14.07.2026 21:49