topic Re: Windows Security Popup (CredentialUIBroker.exe) in Product Forum

Windows Security Popup (CredentialUIBroker.exe)

Dan.Lister — Wed, 21 Jan 2026 12:24:09 GMT

We have recently been impacted by the latest Windows Update (KB5074109). We run processes for clients and internally that launch RemoteApps through various means, Remote Desktop Connection Center / Saved .RDP files which causes the Windows Security popup to appear (CredentialUIBroker.exe).

We've always attached to this process and entered creds and then built the system that launches using Surface Automation. This has run perfectly for years. After this update we can no longer interact with CredentialUIBroker.exe or the Windows Security window. Copilot is now telling us the following:-

The Windows Security prompt is now fully non-automatable
As of January 13, 2026 Patch Tuesday, Microsoft hardened:

Winlogon
Credential UI
Secure Desktop rendering over RDP
These prompts now:

Run on Secure Desktop
Are isolated in Session 0
Block UI Automation, Win32 hooks, accessibility tools
Explicitly prevent programmatic interaction
This is intentional and security-driven, following exploitation of Desktop Window Manager (DWM) vulnerabilities patched in January 2026

We've tried pre-saving credentials using cmdkey, but aren't having any luck with this as yet. For one of our apps we download a digitally signed .rdp and within that file it is set to always prompt from credentials so we can't stop it doing it.

Has anyone found the same issue/found a workaround?

Re: Windows Security Popup (CredentialUIBroker.exe)

naveed_raza — Wed, 21 Jan 2026 13:46:58 GMT

This has to handle and fix by your infrastructure/ RPA COE team by doing image or patch update via policy. We already done this

Re: Windows Security Popup (CredentialUIBroker.exe)

Dan.Lister — Wed, 21 Jan 2026 15:16:34 GMT

Hi,

Can you explain further what you mean?

Re: Windows Security Popup (CredentialUIBroker.exe)

steven.boggs — Thu, 22 Jan 2026 14:59:20 GMT

Hi Dan,

We'd always recommend to apply O/S-level updates in a lower environment first to test their impact on existing automations before allowing the updates to be applied in Production environments.

Microsoft has released a few Windows updates recently that contain changes to comply with certain EU regulations, including credential pop-ups like the one you describe. It may be the case that with this Windows Update package, the credentials pop-up you were previously able to spy and interact with has been changed (i.e. from an application layer to the system layer), and may require a new Object to be created to interact with it. For example, if the window was previously able to be spied/interacted with from an Object that was interacting with the target application from which the pop-up originated, Windows may have moved that from the application to the system, and you'd need to account for this change in your Process design.

To restore functionality until this change can be accounted for, you could roll back the MSFT KB update in Production after determining which one affected this change, but keep it applied in your Development/Testing environment to create a new Object to interact with the new/changed pop-up window.

Re: Windows Security Popup (CredentialUIBroker.exe)

Dan.Lister — Thu, 22 Jan 2026 15:22:18 GMT

Thanks Steven,

We've rolled back for now.

The window we attached to was always in its own object. We connected to CredentialUIBroker.exe and a window title of Windows Security, but it seems we can no longer attach to that process. I can see it is still running as that process and window title, but we now can't attach and get the message "Could not open target process". If we run the Blue Prism app as admin, it will then attach.

Re: Windows Security Popup (CredentialUIBroker.exe)

naveed_raza — Thu, 22 Jan 2026 20:29:06 GMT

i will check here with my RPA COE team what fix they have done and will share here

Re: Windows Security Popup (CredentialUIBroker.exe)

Carol.Ouellet — Thu, 22 Jan 2026 22:29:45 GMT

We have noticed the same issue happening in ou non-prod environment this week.

I find it strange that we don't appear to be many groups with this issue.

Since the window cannot be automated, I'd like to hear from Blue Prism.

Re: Windows Security Popup (CredentialUIBroker.exe)

Dan.Lister — Fri, 23 Jan 2026 09:23:26 GMT

Yes we've logged with Blue Prism and are still waiting to have a call with them, but so far we have no solution. I expected there to be a lot more people affected, but I can only see it mentioned on UiPath forums. It's the first time i've come across something that I can't seem to find a workaround for other than running as admin.

Re: Windows Security Popup (CredentialUIBroker.exe)

naveed_raza — Fri, 23 Jan 2026 10:37:55 GMT

i checked with our RPA COE Team, what they said is , deleting credentials from machines clears it.

they ran this below line of code in command prompt, which will clear all credentials and post that will not get that popup,

rundll32.exe keymgr.dll, KRShowKeyMgr

you can check with your IT team regarding this and try the luck.

Re: Windows Security Popup (CredentialUIBroker.exe)

Dan.Lister — Fri, 23 Jan 2026 13:55:30 GMT

Blue Prism have responded and are testing suggested workarounds from Microsoft.

Re: Windows Security Popup (CredentialUIBroker.exe)

naveed_raza — Fri, 23 Jan 2026 14:13:15 GMT

okay , let us know , what fix they suggested

Re: Windows Security Popup (CredentialUIBroker.exe)

Carol.Ouellet — Fri, 23 Jan 2026 14:43:03 GMT

[Retracted Reply]

Re: Windows Security Popup (CredentialUIBroker.exe)

Michael_S — Fri, 23 Jan 2026 14:55:26 GMT

Hi all,

Just dropping in to say:

We're aware of the issue and our engineering team investigating
As soon as we have practical advice to share, I'll add it in here for all to use

Please continue to let us know if you have attempted workarounds or fixes that may help the community.

Thank you to @Dan.Lister @Carol.Ouellet @naveed_raza @steven.boggs for raising the issue, highlighting the specific problems with examples and suggesting workarounds.

Re: Windows Security Popup (CredentialUIBroker.exe)

RaimondvandeSteeg — Fri, 23 Jan 2026 15:21:19 GMT

Thanks for the explanation.

Within our organisation, we are required to roll out all Windows updates within two weeks, including on VM’s, due to security vulnerabilities. Because of that, keeping updates limited to Test/ACC only isn’t an option for us — Production will automatically be updated as part of the rollout.

What we mainly expect here is for Blue Prism to proactively identify and communicate the impact of these kinds of changes (e.g. Windows updates that modify UI/system dialogs). Ideally, we’d have early visibility on what changes, how it affects spying/interactions, and a clear workaround or fix pattern so we can prepare before it hits Production.

Re: Windows Security Popup (CredentialUIBroker.exe)

Carol.Ouellet — Fri, 23 Jan 2026 15:47:57 GMT

To add to RaimondvandeSteeg

I think Blue Prism probably has some sort of automated testing suites to check if Patch Mondays break things. If not then this is quite probably buildable. Even having some AI read all the patch notes and try to compare and build recommendations on what to test and what are the possible risks.

Re: Windows Security Popup (CredentialUIBroker.exe)

Michael_S — Fri, 23 Jan 2026 16:44:35 GMT

Hi all,

We have some suggested workarounds for you provided in this article:

https://support.blueprism.com/en/support/solutions/articles/7000096893

We'll continue to update that link with any new information that comes to light, and please feel free to continue to discuss, feedback and share tips here.

Re: Windows Security Popup (CredentialUIBroker.exe)

Michael_S — Fri, 23 Jan 2026 16:47:25 GMT

On a side note - @Carol.Ouellet @RaimondvandeSteeg - really appreciate the feedback and expectations. I'll have a chat with our team internally and see what the process is on our end.

Our best practice advice mirrors @steven.boggs post - we always recommend deploying OS updates in a lower environment before production rollout.

Re: Windows Security Popup (CredentialUIBroker.exe)

Dan.Lister — Fri, 23 Jan 2026 16:58:34 GMT

Thank you for this.