Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Windows Security Popup (CredentialUIBroker.exe)

Go to answer
Dan.Lister
Level 5

‎21-01-26 12:24 PM

We have recently been impacted by the latest Windows Update (KB5074109). We run processes for clients and internally that launch RemoteApps through various means, Remote Desktop Connection Center / Saved .RDP files which causes the Windows Security popup to appear (CredentialUIBroker.exe).

DanLister_0-1768998014592.png

We've always attached to this process and entered creds and then built the system that launches using Surface Automation. This has run perfectly for years. After this update we can no longer interact with CredentialUIBroker.exe or the Windows Security window. Copilot is now telling us the following:- 

The Windows Security prompt is now fully non-automatable
As of January 13, 2026 Patch Tuesday, Microsoft hardened:

Winlogon
Credential UI
Secure Desktop rendering over RDP
These prompts now:

Run on Secure Desktop
Are isolated in Session 0
Block UI Automation, Win32 hooks, accessibility tools
Explicitly prevent programmatic interaction
This is intentional and security-driven, following exploitation of Desktop Window Manager (DWM) vulnerabilities patched in January 2026

We've tried pre-saving credentials using cmdkey, but aren't having any luck with this as yet. For one of our apps we download a digitally signed .rdp and within that file it is set to always prompt from credentials so we can't stop it doing it.

Has anyone found the same issue/found a workaround?

17 REPLIES 17

Go to answer
naveed_raza
Level 9

‎23-01-26 02:13 PM

okay , let us know , what fix they suggested

0 Likes

Go to answer
Carol.Ouellet
Level 6

‎23-01-26 02:41 PM - edited ‎23-01-26 02:43 PM

[Retracted Reply]

0 Likes

Go to answer
Michael_S
Community Team
Community Team

‎23-01-26 02:55 PM

Hi all,

Just dropping in to say:

  1. We're aware of the issue and our engineering team investigating
  2. As soon as we have practical advice to share, I'll add it in here for all to use

Please continue to let us know if you have attempted workarounds or fixes that may help the community.

Thank you to @Dan.Lister @Carol.Ouellet @naveed_raza @steven.boggs for raising the issue, highlighting the specific problems with examples and suggesting workarounds. 

Go to answer
RaimondvandeSteeg
Level 4
In response to steven.boggs

‎23-01-26 03:21 PM

Thanks for the explanation.

Within our organisation, we are required to roll out all Windows updates within two weeks, including on VM’s, due to security vulnerabilities. Because of that, keeping updates limited to Test/ACC only isn’t an option for us — Production will automatically be updated as part of the rollout.

What we mainly expect here is for Blue Prism to proactively identify and communicate the impact of these kinds of changes (e.g. Windows updates that modify UI/system dialogs). Ideally, we’d have early visibility on what changes, how it affects spying/interactions, and a clear workaround or fix pattern so we can prepare before it hits Production.

Go to answer
Carol.Ouellet
Level 6

‎23-01-26 03:47 PM

To add to RaimondvandeSteeg

I think Blue Prism probably has some sort of automated testing suites to check if Patch Mondays break things. If not then this is quite probably buildable. Even having some AI read all the patch notes and try to compare and build recommendations on what to test and what are the possible risks.

0 Likes

Go to answer
Michael_S
Community Team
Community Team

‎23-01-26 04:44 PM

Hi all, 

We have some suggested workarounds for you provided in this article:

https://support.blueprism.com/en/support/solutions/articles/7000096893 

We'll continue to update that link with any new information that comes to light, and please feel free to continue to discuss, feedback and share tips here.

Go to answer
Michael_S
Community Team
Community Team

‎23-01-26 04:47 PM

On a side note - @Carol.Ouellet @RaimondvandeSteeg - really appreciate the feedback and expectations. I'll have a chat with our team internally and see what the process is on our end.

Our best practice advice mirrors @steven.boggs post - we always recommend deploying OS updates in a lower environment before production rollout. 

Go to answer
Dan.Lister
Level 5
In response to Michael_S

‎23-01-26 04:58 PM

Thank you for this.