The Global Reach and Influence of Steam
The Evolution of the FreeRDP 3.28 Open Protocol

The FreeRDP project stands as a monumental undertaking in the implementation of the Remote Desktop Protocol (RDP), evolving within the open-source community for over fifteen years. Engineered in C and C++, this stack delivers high performance and granular control over data transmission, making it an indispensable tool for system administrators and developers worldwide. The release of version 3.28, following the stable 3.20 build, signals a strategic shift in development priorities toward maximum stability and security.

The centerpiece of this update is a comprehensive security overhaul. In this iteration, developers have patched eight verified vulnerabilities (CVEs)—a critical move given that RDP traffic is frequently a primary target for brute-force attacks and remote code execution (RCE) attempts. These fixes extend beyond the client side to include the proxy server code, significantly hardening the security perimeter for complex network topologies utilizing intermediate gateways.
Alongside these security enhancements, extensive work was dedicated to the restoration and optimization of client applications. A pivotal milestone is the return of the iOS client, restoring the project's full mobile ecosystem. Updated builds have been released for Android, while the Windows client received a series of optimizations aimed at boosting overall performance and UI fluidity.
The FreeRDP 3.28 technological stack has also expanded with the introduction of server-side smart card API support. This addition unlocks new capabilities for implementing rigorous multi-factor authentication (MFA) in corporate environments where hardware security tokens are a mandatory standard.
For monitoring and diagnostics specialists, the client statistics system has been refined. The interface now supports static channels, enabling a more granular analysis of session health and the real-time identification of network throughput bottlenecks.
Rounding out the improvements is the modernization of internal quality assurance tooling. An updated fuzzer and an expanded suite of unit tests allow the development team to detect edge cases and buffer overflows—issues traditionally inherent to C/C++ projects—more rapidly. This rigorous approach to testing ensures that future updates will be even more stable without compromising the protocol's high-speed performance.

