After installing the January 2026 Microsoft security updates, Remote Assistance (msra.exe) no longer works on multiple Windows versions. This directly affects Citrix Director Shadowing, as the generated invite files can no longer be opened on patched systems.

The issue is caused by a security hardening related to CVE-2026-20824 – Windows Remote Assistance Security Feature Bypass Vulnerability. While the fix is technically correct from a security perspective, it currently breaks legitimate Remote Assistance workflows in enterprise environments.

Affected systems & updates

• Windows 11 – KB5074109
• Windows Server 2019 – KB5073723
• Windows Server 2022 – KB5073457
• Windows Server 2025 – KB5073379

Once any of these updates are installed, Remote Assistance invite files (*.msrcincident) can no longer be opened, even though they are created correctly.

Symptoms

From a Citrix perspective, everything initially looks fine:

• Citrix Director successfully creates the Remote Assistance invite file
• The file can be downloaded without any errors
• Double-clicking the invite file fails immediately

When launching the invite, users receive the following error message:

“The file could be corrupted, and it should be verified before trying again. If the problem persists, contact your system administrator.”

Event log analysis

The failure is clearly visible in the Windows Event Logs under Applications and Services Logs → Microsoft → Windows → RemoteAssistance.

Typical entries look like this:

Remote Assistance started with Event ID 13:
-openfile "C:\Users\AdminUser\Downloads\Invite.msrcincident"

The error message (Event ID 29):
The file could be corrupted, and it should be verified before trying again.

Remote Assistance has ended (Event ID 30).

No additional error codes, no UAC prompts, no Defender blocks – the process simply terminates.

Root cause

The January updates introduce stricter validation for Remote Assistance invite files as part of the fix for CVE-2026-20824. As a result, invite files generated by Citrix Director are now classified as invalid or untrusted.

This is not a Citrix bug. Citrix Director still uses the officially supported Windows Remote Assistance mechanism – but Microsoft changed the validation logic without providing backward compatibility.

Impact on Citrix environments

• Citrix Director Shadowing via Remote Assistance is broken
• No user consent dialog appears
• Helpdesk and support workflows are blocked
• No configuration workaround via GPO or registry is currently available

This is especially painful in locked-down enterprise environments where alternative shadowing methods are not allowed.

Workaround (unsupported but effective)

At the moment, the only known workaround is to replace the patched msra.exe with a version from an unpatched system.

Procedure

• Take an unpatched Windows system (same OS version copy from path C:\Windows\System32\msra.exe) or download here the msra file:

Windows 10
Windows Server 2019
Windows Server 2022

• The original file cannot be deleted directly; the file permissions must be modified first.
• Navigate to C:\Windows\System32\

• Right-click msra.exe and select Properties

• Open the Security tab and click Advanced

• Next to Owner, click Change

• Enter your administrative account, then click OK

• Click OK, then open Advanced again
• Verify that your admin account is now listed as the Owner, then click Add

• Under Principal, select the same administrative account
• Assign Full Control permissions and confirm with OK

• You can now overwrite the existing msra.exe with the version from the unpatched system

After replacing msra.exe, Remote Assistance and Citrix Director Shadowing start working again immediately.

Important:
This workaround re-introduces the original vulnerability and should only be used as a temporary mitigation in controlled environments.

Security considerations

Replacing system binaries effectively rolls back a security fix. From a security standpoint, this is far from ideal – but currently the only practical option if Remote Assistance is business-critical.

• Limit usage to admin-only systems
• Monitor Microsoft for an official fix
• Plan alternative shadowing solutions if possible

Conclusion

The January 2026 Windows updates silently break Remote Assistance and with it Citrix Director Shadowing. The behavior is fully reproducible, logged, and clearly linked to CVE-2026-20824.

Until Microsoft provides a fixed implementation that preserves compatibility, administrators are left with an uncomfortable choice: accept broken support workflows or temporarily roll back part of the security hardening.

As so often: technically understandable, operationally painful.
If Remote Assistance is essential in your environment, this issue should be on your radar immediately after patching.