KB5082123: improves protection against phishing attacks that use Remote Desktop (.rdp) files.
April 14, 2026—KB5082123 (OS Build 17763.8644)
Summary
This article lists the security issues and quality improvements included in this security update.
This security update includes fixes and quality improvements that are part of the following update:
- March 10, 2026—KB5078752 (OS Build 17763.8511)
The following is a summary of the issues that this update addresses when you install this update. The bold text within the brackets indicates the item or area of the change we are documenting.
- [PowerShell (known issue)] Fixed: After installing Windows updates released on or after January 13, 2026, Japanese language installations of Windows Server 2019 might not correctly display Japanese characters in the PowerShell console.
- [Remote Desktop] This update improves protection against phishing attacks that use Remote Desktop (.rdp) files. When you open an .rdp file, Remote Desktop shows all requested connection settings before it connects, with each setting turned off by default. A one-time security warning also appears the first time you open an .rdp file on a device. For more information, see Understanding security warnings when opening Remote Desktop (RDP) files.
- [Windows Deployment Services (WDS)] This update disables the “Hands-Free Deployment” feature in WDS by default, and the feature is no longer supported. For more information about this change, see Windows Deployment Services (WDS) Hands-Free Deployment Hardening Guidance related to CVE-2026-0386.
- [Kerberos protocol] This update changes the default DefaultDomainSupportedEncTypes value for Kerberos Key Distribution Center (KDC) operations to leverage AES-SHA1 for accounts that do not have an explicit msds-SupportedEncryptionTypes Active Directory attribute defined. For more information, see How to manage Kerberos KDC usage of RC4 for service account ticket issuance changes related to CVE-2026-20833.
[Secure Boot]
- This update enables dynamic status reporting for Secure Boot states in the Windows Security App (Settings > Update & Security > Windows Security). Learn more about the status alerts via badges and notifications. Note that these enhancements are disabled by default on commercial devices and servers.
- This update fixes an issue that could cause a device to enter BitLocker Recovery after Secure Boot updates.
- With this update, Windows quality updates include additional high confidence device targeting data, increasing coverage of devices eligible to automatically receive new Secure Boot certificates. Devices receive the new certificates only after demonstrating sufficient successful update signals, maintaining a controlled and phased rollout.
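
The Remote Desktop item above says the client now shows every requested connection setting before it connects. As an added example (not Microsoft's code), the following Python lists the local-resource redirections an .rdp file explicitly requests, which is useful when triaging .rdp attachments. The sample file, its host name and the function names are constructed, and the caller is assumed to have already decoded the file to text.

```python
# Added example: triage an .rdp file by listing the local resources it asks to redirect.
# The sample file and the host name in it are constructed for illustration.

# Redirection settings from the .rdp file format, mapped to the value that means "off".
REDIRECTION_KEYS = {
    "drivestoredirect": "",
    "devicestoredirect": "",
    "usbdevicestoredirect": "",
    "camerastoredirect": "",
    "redirectclipboard": "0",
    "redirectprinters": "0",
    "redirectsmartcards": "0",
    "redirectcomports": "0",
    "audiocapturemode": "0",
}

def parse_rdp(text):
    """Parse 'name:type:value' lines into {name: value}; names are lower-cased."""
    settings = {}
    for raw in text.lstrip("\ufeff").splitlines():
        parts = raw.strip().split(":", 2)  # the value may itself contain ':'
        if len(parts) == 3 and parts[1] in ("i", "s", "b"):
            settings[parts[0].strip().lower()] = parts[2].strip()
    return settings

def triage(text):
    """Return the target, whether a signature is present, and requested redirections."""
    s = parse_rdp(text)
    # Only settings present in the file are reported; absent keys are not listed here.
    requested = sorted(k for k, off in REDIRECTION_KEYS.items()
                       if k in s and s[k] != off)
    return {
        "target": s.get("full address", ""),
        "signed": bool(s.get("signature")),
        "requested": requested,
    }

SAMPLE = """\
full address:s:rdp.example.test:3389
redirectclipboard:i:1
drivestoredirect:s:*
redirectprinters:i:0
redirectsmartcards:i:1
audiocapturemode:i:0
"""

if __name__ == "__main__":
    print(triage(SAMPLE))
```

An unsigned file that requests drive, clipboard or smart card redirection to an unfamiliar target is the pattern worth escalating for review.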

