This attack no longer works on Windows

Microsoft keeps adding security measures to Windows to defend it against attacks. Many cybercriminals are dedicated to looking for any weakness they can use to attack computers all over the world, which is why Microsoft's security work on Windows is so important. In fact, the latest builds of Windows 11 already block one of the most frequent attacks suffered by computers running this operating system. Here is what has changed.

From now on, this type of attack will be blocked on Windows 11 computers thanks to a new measure that Microsoft's development teams have added to the company's new operating system. The measure is also available for Windows 10, but unfortunately it is not enabled by default, which allows cybercriminals to continue using this type of attack against computers running that version of the operating system.

Windows 11 says goodbye to these attacks

As mentioned, the latest builds of Windows 11 come with an account lockout policy enabled by default, which automatically locks user accounts (including administrator accounts) for 10 minutes after 10 failed login attempts. The aim is to stop brute force attacks, in which attackers use programs to guess the user's password, using dozens of login attempts to do so.

These brute force attacks are very popular with hackers because they are a relatively easy way to attack a person's computer. They are carried out through what is known as the Remote Desktop Protocol (RDP): cybercriminals reach another person's computer through a remote desktop connection and try to guess a user's password by brute force.

Using RDP to attack business computers is very common among cybercriminals. In fact, the FBI estimates that RDP is responsible for 70-80% of all network breaches that lead to ransomware attacks. The new policy is already implemented in the latest builds of Windows 11, so if the operating system is up to date there is nothing else to do.

Things are a little different in Windows 10: the policy is available in this operating system, but it is not enabled by default. Activating it takes a few somewhat advanced steps, but if you follow them to the letter you should not have any problem. The steps are these:

  • Type run in the Windows search window or press the shortcut Windows+R
  • Type in the run window «gpedit.msc» and press Enter
    • A new window will appear
  • Under Computer Configuration, tap Windows Settings
  • Once the drop-down is open, click on Security Settings
  • Tap Account Policies, and then tap Account lockout policy
  • In the window on the right, click on account lockout threshold
  • Set a threshold of 10 wrong attempts or as many as you want
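
The same setting can be checked and applied from an elevated PowerShell prompt. The script below is an added example, not part of the original article: it reads the current lockout policy with `secedit`, reports whether it is weaker than the 10-attempt, 10-minute values described above, and with `-Apply` sets them through `net accounts`. The function name `Get-LockoutPolicy`, the parameter names and the 10-minute counter reset window are assumptions made for this example.

```powershell
#Requires -RunAsAdministrator
# Added example (not from the article): audit and optionally set the lockout policy.
param(
    [int]$Threshold = 10,        # failed attempts before lockout (article's value)
    [int]$DurationMinutes = 10,  # lockout length in minutes (article's value)
    [int]$WindowMinutes = 10,    # assumption: counter reset window, not given in the article
    [switch]$Apply               # without -Apply the script only reports
)

function Get-LockoutPolicy {
    # secedit writes the local security policy as an INF file with fixed key names,
    # so parsing does not depend on the display language of the system.
    $cfg = Join-Path $env:TEMP ("lockout-{0}.inf" -f [guid]::NewGuid())
    try {
        secedit /export /cfg $cfg /areas SECURITYPOLICY /quiet | Out-Null
        $policy = @{}
        foreach ($line in Get-Content -Path $cfg) {
            if ($line -match '^\s*(LockoutBadCount|LockoutDuration|ResetLockoutCount)\s*=\s*(-?\d+)') {
                $policy[$Matches[1]] = [int]$Matches[2]
            }
        }
        return $policy
    } finally {
        Remove-Item -Path $cfg -ErrorAction SilentlyContinue
    }
}

$current = Get-LockoutPolicy
$badCount = $current['LockoutBadCount']
if (-not $badCount) {
    # A missing key or a value of 0 both mean the threshold is "never lock out".
    Write-Warning 'Account lockout is disabled: failed logons are never locked out.'
} elseif ($badCount -gt $Threshold) {
    Write-Warning "Threshold is $badCount attempts, looser than the target of $Threshold."
} else {
    Write-Output "Threshold: $badCount attempts"
}
Write-Output ("Duration: {0} min, reset window: {1} min" -f $current['LockoutDuration'], $current['ResetLockoutCount'])

if ($Apply) {
    # net accounts changes the same three settings shown under Account lockout policy.
    net accounts "/lockoutthreshold:$Threshold" "/lockoutduration:$DurationMinutes" "/lockoutwindow:$WindowMinutes"
    if ($LASTEXITCODE -ne 0) { throw "net accounts failed with exit code $LASTEXITCODE" }
    Get-LockoutPolicy | Format-Table -AutoSize
}
```

On a domain-joined machine the domain's policy takes precedence over values set locally, so the reported values may not change after `-Apply`.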

This improvement may seem small, but it is of great importance. RDP servers, especially those used by telecommuters to access corporate sites, are directly exposed to the Internet, so they can be the target of attack if they are not well configured. These attacks have been on the rise since at least 2016, beginning with the rise of sites on the dark web selling access to vulnerable RDP servers.