ACO/April2026-RDPPopupBypass
1
1
Fork 0
Code Issues Pull requests Projects Releases 2 Packages Wiki Activity Actions

Added in readme. Added in additional error detection and failure states.

Browse source
This commit is contained in:
Tanner van Teeffelen 2026-05-08 16:07:14 -04:00
parent 53be8025fc
commit 228118ce85
2 changed files with 89 additions and 16 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

55
RDPSign.ps1
View file

@ -1,27 +1,60 @@
# ============================================================================== <#
# SIGN RDP CONNECTION FILES YOU CREATE ON THE MACHINE USING A SELF-SIGNED CERTIFICATE TO SUPRESS APRIL 2026 RDP SECURITY UPDATE WARNINGS WHEN OPENING REMOTE DESKTOP FILES April2026-RDPPopupBypass
# https://learn.microsoft.com/en-us/windows-server/remote/remote-desktop-services/remotepc/understanding-security-warnings#:~:text=When%20an%20RDP%20file%20is,as%20the%20following%20image%20shows. Copyright (c) 2026 ACO Services Inc.
# https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26151 Developed by Tanner Van Teeffelen
# NOTE!! THIS WILL NO LONGER SHOW THE "Remote Desktop Connection security warning" FOR ANY SIGNED FILES AND ENSURES THESE FILES CAN'T BE MODIFIED AFTER SIGNING WITHOUT INVALIDATING THE SIGNATURE, WHICH WILL MAKE THE WARNING REAPPAER
# NOTE!! ANY GPO THAT MODIFIES "Specify SHA1 thumbprints of certificates that represent trusted .rdp publishers" WILL OVERWRITE THE SETTINGS CREATED BY THIS SCRIPT CAUSING THE SIGNED RDP FILE TO SHOW A WARNING AGAIN This project contains code derived from:
# IF YOU ARE IMPLEMENTING A GPO SOLUTION KEEP THIS IN MIND OR TRY TO ENSURE THAT THE GPO COMMA APPENDS TO THE EXISTING VALUES OF THE KEY ALREADY EXISTS (NOT STANDARD BEHAVIOUR) April-2026-security-update-Remote-Desktop-Conection-security-warning
# "THE SCRIPT IS PROVIDED 'AS IS', WITHOUT WARRANTY OF ANY KIND..." Copyright (c) IanVanLier
# ==============================================================================
Licensed under the MIT License
#>
Clear-Host
Add-Type -AssemblyName System.Windows.Forms Add-Type -AssemblyName System.Windows.Forms
if (-NOT ([Security.Principal.WindowsPrincipal] [Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole(` [Security.Principal.WindowsBuiltInRole] "Administrator")) {
Write-Host "Insufficient permissions to run this script. Please run this as an administrator.`n" -ForegroundColor Red
$HOST.UI.RawUI.ReadKey(NoEcho,IncludeKeyDown) | OUT-NULL
$HOST.UI.RawUI.Flushinputbuffer()
exit 1
}
Write-Host "-------------------------------------------" -ForegroundColor Blue
Write-Host "|Developed by Tanner Van Teeffelen |" -ForegroundColor Blue
Write-Host "|Copyright ACO Services Inc. 2021 |" -ForegroundColor Blue
Write-Host "|Based on MIT-licensed work by IanVanLier |" -ForegroundColor Blue
Write-Host "-------------------------------------------`n" -ForegroundColor Blue
# 1. Configuration # 1. Configuration
$rdpFile $rdpFile
$certSubjectName = "ACO" $certSubjectName
$certSubject = "CN=$certSubjectName"
$FileBrowser = New-Object System.Windows.Forms.OpenFileDialog $FileBrowser = New-Object System.Windows.Forms.OpenFileDialog
$FileBrowser.Filter = "RDP Files (*.rdp)|*.rdp|All Files (*.*)|*.*"
$FileBrowser.DefaultExt = "rdp"
$FileBrowser.Title = "Select an RDP file." $FileBrowser.Title = "Select an RDP file."
if ($FileBrowser.ShowDialog() -eq "OK") { if ($FileBrowser.ShowDialog() -eq "OK") {
$rdpFile = $FileBrowser.FileName $rdpFile = $FileBrowser.FileName
} else {
Write-Host "File browser dialog closed. Please try again and select an .rdp file." -ForegroundColor Red
$HOST.UI.RawUI.ReadKey(NoEcho,IncludeKeyDown) | OUT-NULL
$HOST.UI.RawUI.Flushinputbuffer()
exit 2
} }
if ([IO.Path]::GetExtension($rdpFile) -ne ".rdp") {
Write-Host "Invalid file type. Please try again and select an .rdp file." -ForegroundColor Red
$HOST.UI.RawUI.ReadKey(NoEcho,IncludeKeyDown) | OUT-NULL
$HOST.UI.RawUI.Flushinputbuffer()
exit 3
}
$certSubjectName = Read-Host "Please type in your desired certificate subject name (e.g. 'CompanyNameIT-RDP')"
$certSubject = "CN=$certSubjectName"
# 2. Check for existing certificate # 2. Check for existing certificate
Write-Host "Searching for existing certificate: $certSubjectName..." -ForegroundColor Cyan Write-Host "Searching for existing certificate: $certSubjectName..." -ForegroundColor Cyan
$existingCert = Get-ChildItem Cert:\LocalMachine\My | Where-Object { $_.Subject -eq $certSubject } | Select-Object -First 1 $existingCert = Get-ChildItem Cert:\LocalMachine\My | Where-Object { $_.Subject -eq $certSubject } | Select-Object -First 1

40
README.md Normal file
View file

@ -0,0 +1,40 @@
# April 2026 RDP Popup Bypass
## Copyright
Copyright (c) ACO Services Inc. 2026
Developed by Tanner Van Teeffelen
Based on MIT-licensed work by Ian Van Lier
Original repository:
https://github.com/IanVanLier/April-2026-security-update-Remote-Desktop-Conection-security-warning-
---
## Instructions
Run `RDPSign.bat` as Administrator.
---
## License (MIT)
```
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.
```