By Vivian / Last Updated February 17, 2022

How is RDP exploited?

RDP (Remote Desktop), a remote access tool that is developed by Microsoft, allows one to remotely access or control another PC as though they are sitting in front of the remote PC. However, although RDP is widely used, it also has some dangerous vulnerabilities such as Bluekeep CVE-2019-0787. In this part, we will talk more about how RDP exploits.

BlueKeep

BlueKeep, also name CVE-2019-0787, is a security vulnerability of RDP that was discovered on Windows 7 and older Windows versions and it allows for the possibility of remote code execution. Hackers can use the vulnerability to Remote Desktop login via 3389, which is quite harmful. If the vulnerability is successfully exploited, hackers can develop a worm ransomware virus exactly. The important data and privacy will be leaked, and the worst thing is that some companies will go bankrupt.

Other possible vulnerabilities

  • 3389 exploit: we know that the default port number of RDP is 3389. When 3389 port is allowed to traverse directly through the Firewall to a target on the internal network, the RDP is at the highest risk. Because the attackers can assume the port number and give attack to the remote connection.
  • Weak sign-in password: The PC is protected by the password. However, when controlling any PC remotely, the password is the same as the one that is used for opening the remote computer. The weak sign-in password makes the attack to be easier.

How to secure Remote Desktop Connection

From the above information, we can get the conclusion that RDP is not safe enough. So, we should take some measures to make the remote session more secure. Here we summarize 4 ways to secure Remote Desktop Connection.

Way 1. Disable RDP after using it

It is said that when we don’t need to use RDP, it’s necessary to disable Remote Desktop to guarantee our PC won’t be hacked by attackers.

Step 1. Press Win + R and then enter “sysdm.cpl”, click on “OK”.

Run Command

Step 2. Locate on the “Remote” tab, and then tick “Don’t allow connections to this computer”. Click on “OK”.

Dont Allow Connections to this Computer

Way 2. Change the port number

We already know something about the 3389 exploit, and we can draw the conclusion that the default port number can be hacked anytime. Therefore, changing the port number can be a good way to safeguard the Remote Desktop Connection.

Step 1. Press Win + R and then input “regedit”, and then hot OK.

Run Box Regedit

Step 2. Navigation:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp

TCP Port

Step 3. Scroll down and find “PortNumber” and then double click on it. Change the port number you like, such as 3390, and then select Decimal. Click on “OK”.

Port Number

Step 4. Reboot the computer.

Way 3. Make the password stronger

For the weak-in credentials of Remote Desktop, we can change the password to be stronger so before the connection to protect the remote session.

Step 1. Press CTRL+ ALT + END. Click on “Change a password”.

Change a Password

Step 2. Change to a stronger password ( combine with letter and number)

Way 4. Use Gateway to connect

The RD Gateway uses Remote Desktop Protocol and HTTPS protocols to help create a more secure and encrypted connection. Therefore, the remote session will be more strong when we use Gateway to connect.

Step 1. Press Win + R and then input “mstsc”, click on “OK”.

Run Box MSTSC

Step 2. Click on “Show Options”, and then locate on the “Advanced” tab.

Advanced

Step 3. Select “Settings” and select “Use these RD Gateway server settings”.

Use RD Gateway

AnyViewer: secure your remote connection all the way

How do you avoid RDP exploits and keep RDP secure? We've put together a list of 4 ways you can do to make RDP safer. However, if you are still concerned about RDP's security or consider that altering the settings to make it more secure would take too much time, it appears that the safer remote access software AnyViewer is a good fit for you.

Secured by Elliptic Curve Cryptography (ECC) encryption and supported by a strong team, AnyViewer truly safeguards your remote connections all the way and prevents your data from being leaked. AnyViewer is workable when the client PC and host PC are not on the same LAN. And it’s compatible with Windows 11/10/8.1/8/7 and Windows Server 2022/2019/2016/2012 R2. Apart from that, the fast connection speed and flexible connection method can also give you a new experience.

Download Freeware Win 11/10/8.1/8/7
Secure Download

Step 1.  Install and run AnyViewer and then open it. Go to the “Log in” tab, click on “Sign up”.

Log in to AnyViewer

Step 2. Fill in the information and sign in to this account on the two computers. Once logged in, the PC will be assigned to the account automatically.  

Sign up for AnyViewer

Step 3. Then, click "Device", choose the PC that will be accessed and choose "Remote control". Then, you are able to take full control of the remote PC with one click.

Devices

Note: If you don't want to log in to AnyViewer, you can also try the following steps:

Step 1. On your computer, go to "Connect", input the device ID of your friend's computer and click "Connect". 

Connect

Step 2. Choose "Send a control request to your partner" and click "OK". 

Send a Control Request to Your Partner

Step 3.  A request message will pop up on the host computer. Tick "Allow" and then the connection will be established successfully.

Allow

After remote into the host PC successfully, you can see the desktop of the remote computer on your client computer and you can view the files, run applications or help troubleshoot issues on the host computer. 

Conclusion

What should we do to protect ourselves from "RDP exploits"? We'll go through the RDP vulnerabilities such as BlueKeep vulnerabilities and 3389 exploits, as well as four strategies to secure the remote connection, such as disabling RDP when we don't need it, changing to a stronger password, and so on. If you're still concerned about RDP's security, we recommend AnyViewer, a completely secure remote access software.