Windows 11 Build 25206 Limits Brute Force Attacks

Windows 11 Insider UpdateWindows 11 Insider Update

The Insiders on the Dev channel are now receiving Build 25206 for their Windows 11 OS. After the release of the first feature update for the OS on the stable channel, Microsoft is now focusing again on the Insider channels.

This update includes several fixes and improvements, but the highlight is the SMB authentication rate limiter. This feature adds delays to brute force attacks, significantly reducing the attempts per minute. With this, there is also a new known issue with the flight.

Let’s take a closer look at the improvements, fixes, and issues this update has before proceeding to install it.

New in Windows 11 Build 25206

Changes to SMB Authentication Rate Limiter

The SMB authentication rate limiter was first introduced in March 2022 for Windows Server. This feature is now coming to Windows 11 Dev channel.

The SMB server runs by default on all Windows versions. If an attacker got to know of a username, they could then send login attempts at an alarming rate, trying to gain access to the machine.

The SMB authentication rate limiter automatically delays a second attempt by 2 seconds when an incorrect login attempt is made. This means that if an attacker is previously sending 300 login attempts per second (90,000 attempts in 5 minutes), with the rate limiter enabled, it will now take them at least 50 hours to send the same number of login attempts.

Even though this security feature does not block brute force attacks, it certainly discourages them, and maybe the attacker might become frustrated and quit the attack.

You can get the current SMB server details by running the following cmdlet in an elevated PowerShell:

Get-SmbServerConfiguration 
Get SMB server details
Get SMB server details

The time delay can also be variable. You can set the time delay for the limiter by running the following cmdlet in an elevated PowerShell instance while replacing “n” with the delay time in milliseconds:

Note: The time delay is in milliseconds and must be a multiple of 100, ranging between 0 (disables the SMB authentication rate limiter) and 10000.

Set-SmbServerConfiguration -InvalidAuthenticationDelayTimeInMs n

To confirm. enter “Y.”

Change SMB authentication time delay
Change SMB authentication time delay

Dynamic Refresh Rate (DRR) on External Displays

Insiders can now use Dynamic Refresh Rate (DRR) for external display devices to conserve power. Enabling this feature will vary the refresh rate automatically as needed. This will maintain the quality of the display whilst conserving energy.

However, there are some limitations to using this feature:

  • The external display device must be at least 120 Hz plus.
  • The display device must have Variable Refresh Rate (VRR) support.
  • Your device must have a WDDM 3.1 driver or higher installed

You can enable or disable DRR at the following location:

Settings app >> System >> Display >> Advanced Display >> Refresh Rate

Other Improvements and Fixes

Other changes and fixes have also been made with this flight:

  • [General]
    • The updated “Open with” dialog box is now available to all Windows Insiders in the Dev Channel.
    • OneDrive setup should no longer unexpectedly ask for permission to set up every time your PC reboots.
    • A high-hitting explorer.exe crash that was impacting some Insiders is now fixed.
  • [File Explorer]
    • Search from File Explorer Home will show recent file activity for cloud files in Details View.
  • [Input]
    • Microsoft is now rolling out a change to support the use of clipboard history (WIN + V) on password fields.
  • [Settings]
    • A Settings crash that could happen when searching and selecting certain Narrator-related settings has been fixed.
  • [Search]
    • A high-hitting search crash that was impacting some Insiders in the last few flights is addressed.
  • [Other]
    • The Windows Sandbox window should now resize correctly if you snap it to the side of the screen.
    • An issue that could lead to a memory leak in Windows Error Reporting after certain crashes has been fixed.
    • If the focus is on the desktop, then pressing the ALT + F4 shortcut keys and Enter should now shut down your PC, rather than having to move the keyboard focus first.
    • The computer icon is now showing again in the Shut Down Windows dialog.

With these new features, improvements, and fixes, there are also known issues with this flight.

Known Issues

  • [General]
    • There’s an issue where a “date, time and time zone settings are incorrect” message is improperly displayed and prevents the installation from proceeding further.
    • Using the “Reset this PC” option to reset your PC will break UWP apps post-reset. If you need to reset your device on Builds 25201 or higher, please back up your files manually and use the latest ISO available to perform a clean install.
    • There are reports that the audio stopped working for some Insiders after upgrading to the latest flights.
    • There are reports of a few different apps having started crashing in recent builds.
  • [File Explorer]
    • An issue where command bar items like copy, paste, and empty recycle bin may unexpectedly not be enabled when they should be.
  • [Settings]
    • There are some issues where uninstalling certain apps using Settings >> Apps >> Installed apps isn’t working correctly.
  • [Tablet-Optimized taskbar]
    • The taskbar sometimes flashes when transitioning between desktop posture and tablet posture.
    • The taskbar takes longer than expected to transition to the touch-optimized version when switching between desktop posture and tablet posture.
    • Using the left or right edge gestures can result in the Widgets or Notification Center (respectively) to overlap with or look truncated by the taskbar.
    • When using the bottom right edge gesture to see Quick Settings, the taskbar sometimes stays stuck in the expanded state, instead of dismissing to the collapsed state.
    • When there are no running windows on the desktop, the taskbar can sometimes collapse, when it should be expanded.
  • [Widgets]
    • In right-to-left display languages like Arabic, content animates out of view before the widgets board resizes when clicking to the expanded view of the widgets board.
    • The notification badge number may appear misaligned on the taskbar.

How to Install Windows 11 Build 25206

To install this update, you need to be running Windows 11 and subscribed to the Dev channel. If you have enabled Windows updates, you will automatically get a “New features are ready to install” prompt.

If not, follow these steps to install the update:

  1. Navigate to the Settings app and then click Windows Update on the left.

  2. Here, click Check for updates on the right side of the window.

    check for updates Windows 11
    Check for pending updates
  3. You will then see the following update available under Updates available to download:

    Windows 11 Insider Preview 25206.1000
    
    
    
     (rs_prerelease)

    Click Download and install in front of it.

    Download and install 3
    Download and install 3
  4. Once the update downloads and installs, click Restart Now to finalize the installation.

    Restart computer 4
    Restart computer

Once the computer restarts, you can verify that the OS has been updated to the build specified by typing in winver in the Run Command box.

updated 6
Update successfully installed

Rollback/Remove Windows 11 Insider Preview Update

If you do not wish to keep the installed preview update for some reason, you can always roll back to the previous build of the OS. However, this can only be performed within the next 10 days after installing the new update.

To roll back after 10 days, you will need to apply this trick.

Cleanup After Installing Windows Updates

If you want to save space after installing Windows updates, you can run the following commands one after the other in Command Prompt with administrative privileges:

DISM.exe /Online /Cleanup-Image /AnalyzeComponentStore
DISM.exe /Online /Cleanup-Image /StartComponentCleanup
dism cleanup
DISM cleanup

Windows 11 Insider Preview updates history

BuildRelease DateFeatures added
Windows 11 Build 2522719-Oct-22Improvements to Windows Update management, pop-up trailer preview in Microsoft Store, monoline icons in widgets board.
Windows 11 Build 252176-Oct-22Supports third-party widgets, new video calling experience in the taskbar, Simplified Chinese IME cloud suggestions, and Microsoft Store improvements
Windows 11 Build 2521129-Sep-22New Widget Settings and Widget Picker, New Outlook for Windows experience, Task Manager in the taskbar context menu
Windows 11 Build 2520621-Sep-22SMB authentication rate limiter and dynamic refresh rate
Windows 11 Build 2520114-Sep-22Expandable widgets board and sign-in option in Game Pass widget
Windows 11 Build 251978-Sep-22Tablet-optimized taskbar restored, animated icons introduced in the Settings app, system tray icons updated
Windows 11 Build 251931-Sep-22New Braille support for Narrator and Xbox subscription management from the Settings app
Windows 11 Build 2518824-Aug-22Intelligent touch keyboard when the physical keyboard detached
Windows 11 Build 2516928-Jul-22Added App lockdown feature
Windows 11 Build 2512625-May-22Improved account settings page
Windows 11 Build 2512018-May-22Added search widget on Desktop/
Windows 11 Build 2511511-May-22Added suggested actions feature
Windows 11 Build 226165-May-22Improved Xbox controller bar
Windows 11 Build 2259813-Apr-22Improved Windows Media Player, Windows Spotlight default background
Windows 11 Build 225936-Apr-22Homepage to Windows Explorer
Windows 11 Build 2257918-Mar-22Allows naming start menu folders
Windows 11 Build 225729-Mar-22Introducing Microsoft Family and Clipchamp
Windows 11 Build 225672-Mar-22Smart App Control, Focuses On Renewable Energy
Windows 11 Build 2255716-Feb-22Folders of pinned apps, DnD, Focus, Live captions, quick access to Android apps, pin files to Quick Access, and more.
Windows 11 Insider Preview dev channel updates history
If you liked this post, Share it on:

Get Updates in Your Inbox

Sign up for the regular updates and be the first to know about the latest tech information

Subhan Zafar is an established IT professional with interests in Windows and Server infrastructure testing and research, and is currently working with Itechtics as a research consultant. He has studied Electrical Engineering and is also certified by Huawei (HCNA & HCNP Routing and Switching).

Leave the first comment