Find notable cyber news and cases, enriched with sources, timelines, and signals.

Microsoft RDP file security guidance

Advisory/Mitigation
First reported
Last updated
Happening score
H score 28
1 unique sources, 1 articles

Summary

Hide ▲

Microsoft issued RDP mitigation guidance that restricts which .rdp files users can open and recommends migrating trusted publishers to SHA-256 thumbprints, reducing phishing risk for Remote Desktop users.

Related Happenings

Microsoft Windows 10 KB5099539 extended security update

Security Patch Release
H score16 First: 14.07.2026 21:49 Last: 14.07.2026 21:49 Sources 1

How related: Microsoft has released the Windows 10 KB5099539 extended security update, which includes the July 2026 Patch Tuesday security updates for 570 vulnerabilities, along with additional security fixes.

About this happening: **Microsoft** released **Windows 10 KB5099539**, a security update bundle for **Windows 10 ESU** that rolls in **July 2026 Patch Tuesday** fixes for **570 vulnerabilities**. The p...

Windows Collaborative Translation Framework CTFMON improper link resolution EoP security flaw (CVE-2026-45586)

Vulnerability
H score20 First: 09.06.2026 20:57 Last: 09.06.2026 20:57 Sources 1

About this happening: **Windows Collaborative Translation Framework (CTFMON)** has a **local privilege-escalation vulnerability**, **CVE-2026-45586**, that Microsoft patched in **June 2026**. An author...

Windows BitLocker YellowKey mitigation guidance (CVE-2026-45585)

Advisory/Mitigation
H score32 First: 20.05.2026 10:31 Last: 20.05.2026 10:31 Sources 1

About this happening: **Windows BitLocker** **YellowKey** (**CVE-2026-45585**) moved from interim mitigation to patch status after **Microsoft** fixed it in **June 2026 Patch Tuesday**. The **Windows R...

Latest development: 10.06.2026 12:57

On Tuesday, Microsoft fixed YellowKey (CVE-2026-45585) as part of its June 2026 Patch Tuesday updates and shared mitigation measures for the Windows Recovery Environment backdoor. The flaw affects unpatched Windows 11 and Windows Server 2022/2025 systems and can let attackers with physical access bypass BitLocker protection on targeted devices.

KongTuke Microsoft Teams initial access campaign

Campaign
H score42 First: 14.05.2026 15:12 Last: 14.05.2026 15:12 Sources 1

About this happening: The **KongTuke** campaign now uses **Microsoft Teams** social engineering to gain persistent access to **corporate networks**, shortening initial compromise to **under five minute...

MuddyWater Microsoft Teams social-engineering campaign with Chaos ransomware decoy

Campaign
H score37 First: 06.05.2026 16:02 Last: 06.05.2026 16:02 Sources 1

About this happening: The **MuddyWater** campaign used **Microsoft Teams** social engineering and a **Chaos ransomware** decoy to gain access, steal credentials, and establish persistence. The operatio...

Timeline

  1. 14.07.2026 21:49 2 articles · 1h ago

    Microsoft issues Group Policy guidance to restrict .rdp file access

    Mitigation Patch Update

    Microsoft issued guidance for managing RDP file security through Group Policy, telling administrators to control which .rdp files users can open to reduce phishing risk and to migrate trusted RDP publishers to SHA-256 thumbprints or a stronger algorithm before SHA-1 support is removed.

    Show sources