Site icon TechNewsBoy.com

Windows 11 has got a major security update to keep your PC safe

Microsoft has confirmed that Windows 11 now has its Account Lockout Policy activated by default in a bid to cut down on Remote Desktop Services attacks.

A recent security update included with Windows 11 Insider Preview 22528.1000 and newer came with the feature, which automatically locks down Windows accounts after 10 consecutive failed login attempts, the company explained. The lockout period is 10 minutes. 

Microsoft is hoping the move will help put an end to brute-force attacks, in which threat actors try an infinite number of login credential combinations until one works.

Security by default

“Win11 builds now have a DEFAULT account lockout policy to mitigate RDP and other brute force password vectors,” David Weston, Microsoft’s VP for Enterprise and OS Security, tweeted (opens in new tab). “This technique is very commonly used in Human Operated Ransomware and other attacks – this control will make brute forcing much harder which is awesome!”

Remote Desktop Services is an immensely popular attack vector among cybercriminals. According to the FBI, anywhere between 70 and 80% of network breaches that result in ransomware attacks start with the Remote Desktop Protocol (RDP). The Covid-19 pandemic only exacerbated the problem, as in 2020, Kaspersky said it observed a huge spike in attacks targeting RDP users. 

RDP allows users to easily connect to their work computers at the office while working remotely which has proven quite useful for many during the pandemic. However, if a cybercriminal is able to gain access to RDP on a user’s computer, they would have the same permissions and access to data and folders that they do, allowing them to, for example, install disable the antivirus (opens in new tab) on the compromised endpoint (opens in new tab).

Back then, Kaspersky said organizations around the world have seen increased generic brute-forcing attacks where cybercriminals utilize automated scripts to try countless combinations of passwords and user IDs in an attempt to find working credentials.

Windows 10 users already have this feature, but users need to activate it first, meaning systems with default setups are vulnerable. Administrators interested in turning the feature on can do so in the Group Policy Management Console.

Via: BleepingComputer (opens in new tab)

For all the latest Technology News Click Here 

 For the latest news and updates, follow us on Google News

Read original article here

Denial of responsibility! TechNewsBoy.com is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – abuse@technewsboy.com. The content will be deleted within 24 hours.
Exit mobile version