BUG: Firewall rule spam when RDSH role is enabled, slow perf. / start / taskbar unresponsive


Dear Microsoft Team,
Could we ensure that this issue is fixed in Windows Server vNext and can be backported?

Issue description:
The issue is that on RDSH-enabled Windows Server 2019, 2022 and likely vNext, the Firewall rules duplicate for each user logon.

This is a range of inbound and outgoing rules for different services, such as:

  • Narrator
  • Start
  • Captive Portal Flow
  • Your account
  • Windows Search
  • Windows Security
  • windows_ie_ac_001

etc. It is really a long list; not all rules are affected, likely those tied to "apps".

An official workaround was documented here, but I wonder why this could not be deployed at scale and why it seems impossible to run a remediation script to uniquely detect duplicate Defender Firewall rules with a CU. This would be a breeze!

- high CPU load

- taskbar does not work or becomes unresponsive

- Start does not work or becomes unresponsive

- much slower logon times

How to reproduce: 
Deploy Windows Server 2019 / 2022 with the RDSH role.
Log on / log off with different domain user accounts.

Check the Defender Firewall rules growing.

Priority: high

external reference:
[SOLVED] Server2019 RDS Hundreds of Firewall Rules Per User Per Session - Microsoft Remote Desktop S...
Windows RDS Server 2022 - taskbar and start unresponsive : r/sysadmin (reddit.com)

Thank you so much for considering this!
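
A read-only way to carry out the "check Defender Firewall rules growing" step above, as an added example that is not part of the original post and not a Microsoft script: it groups the rules by display name, direction and action and reports the names that exist in many copies. The values of `$MinCopies` and `$Top` are assumptions.

```powershell
# Added example: read-only report, changes nothing in the firewall policy.
# Run in an elevated PowerShell session on the RDSH host.
$MinCopies = 2     # assumed threshold: report names that exist at least this often
$Top       = 25    # assumed: number of rows to show

# Enumerate once; on an affected host this call itself can be slow.
$rules = @(Get-NetFirewallRule)

$dupes = @(
    $rules |
        Group-Object -Property DisplayName, Direction, Action |
        Where-Object { $_.Count -ge $MinCopies } |
        ForEach-Object {
            $first  = $_.Group[0]
            # Owner holds the SID of the user a per-user rule was created for
            # (empty on system-wide rules).
            $owners = @($_.Group | ForEach-Object { $_.Owner } |
                        Where-Object { $_ } | Sort-Object -Unique)
            [pscustomobject]@{
                DisplayName = $first.DisplayName
                Direction   = $first.Direction
                Action      = $first.Action
                Copies      = $_.Count
                Owners      = $owners.Count
            }
        } |
        Sort-Object -Property Copies -Descending
)

# Rules that would remain if every duplicated name were kept only once.
$extra = [int]($dupes | Measure-Object -Property Copies -Sum).Sum - $dupes.Count

"Total rules            : {0}" -f $rules.Count
"Names with duplicates  : {0}" -f $dupes.Count
"Rules beyond first copy: {0}" -f $extra

$dupes | Select-Object -First $Top | Format-Table -AutoSize
```

Running it before and after a few logon/logoff cycles with different accounts shows whether `Copies` and `Owners` grow with each user, which is the behaviour described in this report.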

4 Replies
backport of the fix to WS 2019 & 2022 is much appreciated.
But hey, paint can do layers now. That is more important than any server OS bug.
and remove background thanks to AI. Piracy of Adobe Photoshop loses the use case :) #joking
then thankfully the MSpaint change is not related to the WS PG.