Remote desktop technologies remain an essential component of modern enterprise IT, enabling secure administration of servers, virtual desktops, cloud infrastructure, and remote work environments. As organizations increasingly rely on Remote Desktop Protocol (RDP) for managing distributed systems, maintaining secure and up-to-date RDP implementations has become a critical cybersecurity priority.
The release of FreeRDP 3.28 addresses this need by delivering multiple security fixes, platform enhancements, and significant improvements across Windows, Android, macOS, and iOS clients. In addition to resolving several security vulnerabilities, the release revives the long-dormant iOS client and introduces numerous stability, performance, and developer-focused improvements that strengthen FreeRDP’s position as one of the leading open-source Remote Desktop Protocol implementations.
Security Takes Center Stage
The primary focus of FreeRDP 3.28 is security. The release addresses multiple vulnerabilities tracked as CVE-2026-57156, CVE-2026-57157, and CVE-2026-57158, resolving issues that affect various components responsible for processing Remote Desktop Protocol communications.
The security updates improve input validation and strengthen bounds checking across several subsystems, reducing the risk of memory corruption and unexpected application behavior. The development team also hardened clipboard handling, virtual channel communication, multimedia codec processing, smartcard authentication, and device redirection components, all of which represent critical attack surfaces in enterprise remote desktop deployments.
Because FreeRDP is widely integrated into Linux distributions, virtualization platforms, remote desktop gateways, and third-party management solutions, organizations using FreeRDP-based clients are strongly encouraged to deploy the latest release as part of their regular security maintenance cycle.
iFreeRDP Returns with Modernized iOS Support
One of the most notable additions in FreeRDP 3.28 is the return of iFreeRDP, the project’s native iOS client. Although mobile remote administration continues to grow in enterprise environments, the iOS client had received limited attention in recent development cycles.
This release modernizes the application’s build infrastructure by removing deprecated components, improving compatibility with current iOS development tools, introducing updated CMake integration, and adding support for the OpenH264 multimedia library. These changes establish a stronger foundation for future mobile development while making the client easier to maintain across Apple’s evolving software ecosystem.
The revival of iFreeRDP demonstrates the project’s renewed commitment to supporting enterprise administrators who increasingly manage infrastructure from mobile devices.
Android Platform Receives Significant Improvements
Android users also benefit from a substantial set of enhancements in FreeRDP 3.28. The release introduces support for RISC-V 64-bit architectures, reflecting the growing adoption of open processor architectures across embedded systems and emerging enterprise hardware platforms.
Developers now have greater flexibility when producing release builds through improved configuration options, including the ability to override application version names and version codes during compilation. The Android client also receives a redesigned touch pointer interface, improving usability on touchscreen devices, while external dependencies have been reorganized into dedicated CMake configuration files to simplify project maintenance.
Collectively, these changes improve both the user experience and long-term maintainability of the Android platform.
Windows Client Enhancements Improve User Experience
FreeRDP’s Windows client, wfreerdp, also receives several usability improvements aimed at enhancing everyday remote administration workflows.
The fullscreen floating toolbar has been refined to provide a smoother user experience during remote sessions, while scrollbar behavior has been corrected to eliminate unintended scroll offset resets when interface elements are hidden. Additional Windows-specific updates improve compatibility with Microsoft Visual C++ (MSVC), address CredSSP-related issues, and resolve x86 calling convention inconsistencies that could affect application stability on certain systems.
Although these improvements may appear incremental, they contribute to a more reliable remote desktop experience for enterprise administrators who depend on Windows workstations for infrastructure management.
Smartcard Authentication Continues to Evolve
Authentication remains a key area of development within FreeRDP 3.28. The project introduces a new server-side smartcard API while also delivering several improvements to smartcard validation and authentication workflows.
Smartcards continue to play an important role in enterprise identity management, particularly within government agencies, financial institutions, healthcare organizations, and regulated industries that require strong multi-factor authentication. The enhancements introduced in this release improve both compatibility and reliability while providing developers with a more flexible foundation for integrating smartcard functionality into custom remote desktop solutions.
Expanded Monitoring and Channel Statistics
Operational visibility has also been enhanced through updates to the client statistics interface. FreeRDP 3.28 now extends statistical reporting to include static virtual channels, providing administrators and developers with more detailed insight into channel performance during remote desktop sessions.
These improvements can assist organizations in troubleshooting performance bottlenecks, monitoring bandwidth utilization, and diagnosing communication issues across increasingly complex enterprise environments.
SDL and macOS Clients Gain Stability Improvements
Cross-platform support continues to improve with several updates affecting both the SDL and macOS clients.
The SDL client introduces stronger clipboard security mechanisms, integrates Askpass support for authentication workflows, resolves notification handling issues, and corrects natural scrolling behavior for both mouse and touchpad input. These refinements improve usability while reducing potential security concerns associated with clipboard operations during remote sessions.
On macOS, developers have enhanced audio subsystem resilience by allowing sound playback to recover automatically following AVAudioEngine configuration changes. This improvement provides a more consistent multimedia experience during long-running remote desktop sessions.
Reliability Improvements Strengthen Core Functionality
Beyond its platform-specific enhancements, FreeRDP 3.28 incorporates numerous reliability improvements throughout the project.
The release improves diagnostic logging for failed connections, strengthens validation of Remote Assistance and camera virtual channel data, limits video frame copies to the active rendering surface, hardens parser validation within WinPR, and resolves several issues affecting clipboard synchronization, audio channels, RDP device redirection, and gateway processing.
The development team has also addressed a potential gateway-related segmentation fault within the WinPR library, further improving application stability under demanding networking scenarios.
While many of these changes operate behind the scenes, they collectively contribute to a more secure and dependable remote desktop platform suitable for enterprise production environments.
Enterprise Perspective
FreeRDP 3.28 represents a security-driven release that extends well beyond routine maintenance. By addressing multiple security vulnerabilities, modernizing mobile platform support, strengthening authentication mechanisms, and improving cross-platform stability, the project continues to mature as a trusted open-source alternative for enterprise remote desktop connectivity.
Organizations using FreeRDP within virtual desktop infrastructure (VDI), Linux administration, cloud management, virtualization platforms, or secure remote access solutions should prioritize testing and deploying version 3.28. The release not only mitigates several important security risks but also improves operational reliability across Windows, Linux, Android, macOS, and iOS environments.
As enterprise IT environments continue to expand across hybrid cloud, edge computing, and mobile administration scenarios, maintaining a secure and feature-rich Remote Desktop Protocol implementation remains essential. FreeRDP 3.28 reinforces that objective by delivering meaningful security enhancements while laying the foundation for future platform innovation.
For additional details, see the announcement. The source archive is available on the project’s release page.
Recent Post

7
Jul
OpenSSH 10.4 introduces critical security fixes for SSH, SCP, SFTP, and sshd, strengthens protocol enforcement, and debuts experimental post-quantum cryptography support. The release also enhances authentication security, improves Linux sandboxing, and delivers multiple stability and performance improvements, making it a recommended upgrade for enterprise Linux and cloud environments.

