Is RDP secure? Guide to Microsoft RDP security, secure remote access

Is RDP secure? Guide to Microsoft RDP security, secure remote access

The Microsoft Windows Remote Desktop Protocol (RDP) has recently gained a lot of attention for having a variety of exploitable security flaws, causing many enterprises to ask the question: Is RDP secure? Is the best solution to disable RDP on enterprise clients?

This mini learning guide, which is a collection of both news and technical content from SearchSecurity.com, examines the recent Microsoft RDP security vulnerabilities and how these problems could negatively affect an enterprise, as well as remote access security issues and best practices.

Table of contents:

Remote Desktop Protocol security: How to secure RDP network endpoints

What is RDP and why does it pose a security threat? In this featured technical article, expert Matt Pascucci explains what Remote Desktop Protocol is, why it’s needed and how best to secure RDP it in the enterprise.

Whether to change default RDP port as a virus protection best practice

The Morto worm used several well-known vulnerabilities in Microsoft operating systems, specifically the Windows Remote Desktop Protocol, to spread malicious code from host to host over the Internet and local networks. Following this development, several security experts recommended changing the default RDP port.

Does Morto worm prove inherent flaws in Windows RDP security?

Was the rapid growth of the Morto worm the result of Microsoft RDP security issues, or simply weak passwords?

In this Ask the Expert Q&A, enterprise threats expert Nick Lewis answers those questions, discusses the spread of the Morto worm and its relation to the Windows Remote Desktop Protocol, as well as explains why the Morto worm operated differently from other networking worms.

Remote computer access to files and systems must secure

As workforces grow more mobile and diverse, organizations are challenged to enable secure remote access from a variety of unconventional and unmanaged mobile devices, requiring them to overhaul their security strategies to meet the challenges that the new mobile workforce presents.

In this Information Security magazine feature, discover why companies need to be strategic when evaluating the best secure remote computer access technology to deploy.

Is RDP secure? Security-related remote access problems abound

Secure remote access in the enterprise is in trouble, according to SearchSecurity.com Senior Site Editor Eric B. Parizo.

In this column, Parizo discusses the variety of security-related remote access problems found in services such as Microsoft RDP, pcAnywhere, Dropbox and even VPNs, and explains why enterprises must recognize and mitigate remote access security risks.

Secure remote access best practices: Guidelines for the enterprise

It seems the recent pcAnywhere vulnerability was a direct result of the Symantec source code theft.

In this expert Q&A, Randall Gamby offers secure remote access best practices, along with usage and safety guidelines for the enterprise and their remote employees.

Dangerous Microsoft RDP vulnerabilities repaired in Patch Tuesday

Microsoft’s March 2012 Path Tuesday addressed two critical Microsoft Remote Desktop Protocol (RDP) security vulnerabilities that could be exploited by attackers to take control over and crash a Windows system. Vulnerability experts warned attackers would likely develop a worm to exploit the RDP security vulnerabilities. The bulletin addressing the flaws was given the highest deployment priority by Microsoft.

Attack code surfaces for Microsoft RDP security vulnerabilities

Researchers and antimalware vendors tracking new exploit code discovered proof-of-concept code on multiple Chinese websites targeting the previously patched Windows Remote Desktop Protocol security vulnerabilities. McAfee Inc., SophosLabs, Symantec Corp. and Kaspersky Lab issued warnings to update Windows systems immediately to thwart the possibility of a network worm attack.

Microsoft program breach led to early RDP security vulnerability exploit

Hangzhou DPTech Technologies, a China-based security firm, leaked data from the Microsoft Active Protections Program, resulting in the creation of an exploit targeting the Windows RDP security vulnerability. According to Microsoft, the company breached the terms of its non-disclosure agreement under the MAPP program when it released information about the vulnerability before the software giant's March Patch Tuesday release.