Fact-checked by Grok 2 weeks ago

Remote Desktop Protocol

The Remote Desktop Protocol (RDP) is a network communications protocol developed by that provides remote display and input capabilities over network connections, enabling users to access and control a Windows-based computer or as if they were sitting in front of it. Introduced in 1998 as part of Terminal Server Edition, RDP was designed to facilitate secure, multi-user access to shared resources on a , evolving from earlier concepts to support modern scenarios. RDP operates through a client-server , where the RDP client (such as the built-in Remote Desktop Connection app) communicates with an RDP-enabled server to transmit elements, , and inputs, while supporting features like redirection, , audio playback, and printer mapping. The protocol uses layers for basic connectivity, graphics remoting, and optional extensions for enhanced functionality, such as 32-bit , for bandwidth efficiency, and via TLS to secure data transmission. Over time, RDP has been integrated into all professional editions of Windows since , powering (formerly Terminal Services) for infrastructure, administrative management, and collaborative environments. Key aspects of RDP include its support for multiple concurrent user sessions on a single server, scalability for enterprise deployments, and interoperability with non-Windows clients through open-source implementations like FreeRDP, though Microsoft maintains the core specification. Despite its robustness, RDP has faced security challenges, including vulnerabilities exploited in cyberattacks; in 2025, Microsoft deprecated the legacy Remote Desktop app on May 27 and addressed new issues like CVE-2025-48817, prompting recommendations for network-level protections like VPNs and multi-factor authentication for exposed deployments.

Introduction

Definition and Purpose

The (RDP) is a proprietary that enables remote access to a Windows-based over a network connection, typically using port 3389. It facilitates communication between a client device and a remote , transmitting elements, input commands, and data to create an interactive session. The primary purpose of RDP is to allow users to interact with a remote computer's graphical interface as if they were locally present, supporting applications such as , , and virtual desktop infrastructure (VDI). This enables access to server-hosted desktops and applications from endpoint devices, promoting secure and efficient resource utilization without requiring full installation on the client. RDP evolved from Microsoft's Terminal Services, initially introduced in the Windows NT 4.0 Terminal Server Edition in 1998 as RDP version 4.0, to support thin-client computing paradigms where lightweight clients rely on centralized servers for . Key benefits include minimized hardware demands on client devices, as computation and storage occur on the server, and centralized , which simplifies administration, patching, and security enforcement across multiple users.

Core Components

The Remote Desktop Protocol (RDP) employs a to enable remote access to a Windows-based system. In this model, the client application, such as the Remote Desktop Connection tool, captures user inputs—including keyboard strokes, movements, and touches—and transmits them over the network to the server. The server, typically running on a Windows machine configured as a Remote Desktop Session Host, processes these inputs as if they originated locally, executes the corresponding applications, and renders the resulting . The server then compresses and streams the updated screen content back to the client, which reconstructs and displays it in real time, allowing the user to interact with the remote desktop seamlessly. To extend its capabilities beyond basic graphics remoting, RDP incorporates , which function as independent data streams multiplexed within the main protocol connection. These channels allow third-party developers and to add features without modifying the core RDP stack; for instance, the virtual channel enables copy-paste operations between client and server, the audio virtual channel redirects sound from the server to the client's playback devices, and drive redirection channels map local client storage to the remote session for file access. Each virtual channel consists of a dynamic-link library () and a server-side that handle data encoding, transmission, and decoding, supporting both static and dynamic creation during the session. RDP's transport layer relies on TCP port 3389 as the default for establishing reliable, ordered connections between client and server, ensuring through acknowledgments and retransmissions. For enhanced performance, particularly in high-latency or lossy networks, RDP supports on the same port 3389 via the UDP Transport Extension, which enables faster, of graphics data while falling back to for critical control messages. This dual-transport approach optimizes usage and reduces for video-intensive or real-time interactions. Session management in RDP is handled by the server to support multiple concurrent user sessions, allowing a single Remote Desktop Session Host to serve numerous clients simultaneously while isolating each user's environment for security and . The protocol integrates natively with Windows authentication mechanisms, including domain-based credentials via , where user logons are validated against domain controllers before granting session access. This enables centralized management of permissions, such as restricting session counts per user or enforcing policies like idle timeouts, ensuring scalable deployment in enterprise environments.

History

Early Versions (4.0–5.2)

The Remote Desktop Protocol (RDP) version 4.0 was introduced in 1998 as part of Server 4.0 Terminal Server Edition, a product developed in collaboration with , licensing core technology from Citrix's Independent Computing Architecture (ICA) to enable multi-user remote access to Windows applications on a server. This version focused on basic bitmap remoting, transmitting screen updates as compressed bitmaps over port 3389, supporting up to 256 colors and resolutions limited to 1024x768 pixels to optimize on low-speed networks like 28.8 kbps modems. Key limitations included no support for local resource redirection, reliance on encryption without default TLS, and single-channel data transmission, making it unsuitable for multimedia or high-resolution tasks. RDP version 5.0, released with Server in February 2000, integrated Terminal Services directly into the operating system, eliminating the need for a separate edition and enhancing compatibility with . It introduced font smoothing for clearer text rendering on client devices, 16-bit for improved visual quality, and better algorithms that reduced usage for common operations like scrolling and window moves compared to version 4.0. These updates prioritized efficiency in environments but retained basic security without mandatory TLS, limiting secure deployment over public networks. Version 5.1, shipped with in October 2001, extended RDP capabilities for consumer and small business use by adding local resource redirection, allowing clients to map printers, drives, and clipboard data to the remote session for seamless file and print operations. It also supported configurations up to two displays and 24-bit , enabling more immersive remote experiences while maintaining with prior versions through dynamic capability negotiation. However, security remained basic, with optional 128-bit but no default TLS, exposing sessions to man-in-the-middle risks on untrusted networks. RDP 5.2, introduced alongside in April 2003, built on version 5.1 by incorporating session shadowing for administrators to monitor or control active user sessions without disruption, enhancing and in services deployments. It improved scalability for multi-user environments through better load balancing via session directories and extended maximum resolution to 1600x1200 pixels with 32-bit color on compatible hardware. While adding optional TLS encryption for the first time to bolster security, it was not enabled by default, and the protocol still lacked advanced features like glass effects, focusing instead on reliable services for multiple concurrent sessions per server in optimized configurations.

Vista and Server 2008 Era (6.0–6.1)

The Remote Desktop Protocol (RDP) version 6.0, released in 2007 alongside , introduced significant graphical enhancements to support the operating system's new elements. Specifically, RDP 6.0 added support for 32-bit , enabling the full fidelity rendering of the theme, including transparent windows and visual effects that were not adequately supported in prior versions. This upgrade allowed remote sessions to display high-quality visuals comparable to local interactions, improving the for graphical applications. Additionally, persistent bitmap caching was enhanced in RDP 6.0 to store frequently used images on the , thereby reducing usage by minimizing redundant data transmission over the network. RDP 6.0 also improved multimedia capabilities, particularly in audio handling. Audio playback redirection was refined to deliver higher-quality from the remote session to the local device, leveraging the protocol's extensions for more efficient streaming. These enhancements built on earlier techniques from RDP versions 4.0–5.2 by incorporating better encoding for audio data, resulting in smoother playback with lower in typical environments. In 2008, RDP version 6.1 was introduced with , focusing on security and scalability improvements for enterprise deployments. A key addition was Network Level Authentication (NLA), which authenticates users at the network level before establishing a full remote session, using the Credential Security Service Provider (CredSSP) to enhance protection against unauthorized access. RDP 6.1 also enabled server authentication by default, allowing clients to verify the remote server's identity via certificates, thereby mitigating man-in-the-middle attacks during connection initiation. Version 6.1 further advanced session management and reliability features. It supported improved multi-session handling through the Terminal Services role, permitting multiple concurrent user sessions on a single server with proper licensing, which facilitated better resource sharing in server farms. Integration with 2008's clustering provided for remote sessions, allowing seamless redirection to backup nodes in multi-site clusters during outages. For (WAN) scenarios, RDP 6.1 incorporated bandwidth optimizations via an updated compressor, achieving up to 30% better compression efficiency compared to connections with , which reduced data transfer requirements for remote access over slower links.

Windows 7 and Later (7.0–8.1)

The evolution of the Remote Desktop Protocol (RDP) in Windows 7 and later versions up to 8.1 marked a shift toward enhanced multimedia capabilities, touch interactions, and virtualization support, building on the Network Level Authentication introduced in earlier eras for secure session initiation. Version 7.0, released with Windows 7 and Windows Server 2008 R2 in 2009, introduced RemoteFX, a set of technologies enabling GPU-accelerated 3D graphics remoting specifically for virtual desktop infrastructure (VDI) environments, allowing richer visual experiences in remote sessions without requiring high-bandwidth connections. This version also added support for up to 16 monitors in multi-monitor configurations, facilitating extended desktop spanning for productivity tasks. Additionally, RDP 7.0 enhanced USB device redirection, enabling seamless access to local peripherals like storage drives and printers from the remote session, and introduced multi-touch gesture support to accommodate emerging touch-enabled devices. In 2010, version 7.1 arrived with SP1 and SP1, focusing on refinements to multimedia handling and session efficiency. Key additions included improved print job processing through enhancements to Remote Desktop Easy Print, which streamlined driverless printing by reducing latency and resource usage on the server side. Video playback quality was also upgraded with better synchronization between audio and video streams, enabling smoother of media content over varied network conditions. These updates extended capabilities, including virtual GPU (vGPU) support for virtual machines in VDI setups, laying groundwork for more immersive remote experiences. Version 8.0, integrated with and in 2012, expanded support for modern user interfaces and network optimizations. It provided native compatibility with the Metro UI (now Windows UI), ensuring fluid rendering of touch-optimized applications in remote sessions. RDP 8.0 introduced dynamic adjustments, allowing the remote desktop to adapt to client-side changes without full reconnection, and implemented UDP transport for improved performance over wide-area networks (WANs), reducing for interactions. These features, backported via updates to SP1, also included adaptations like WAN-optimized graphics and progressive codecs for better bandwidth efficiency in VDI scenarios. The final iteration in this era, version 8.1 with and in 2013, refined and display management for more responsive sessions. Enhancements to virtual channel optimized data transmission for peripherals and multimedia, minimizing overhead while maintaining quality. spanning was improved to support dynamic reconfiguration across up to four displays, with seamless handling of addition or removal during active sessions. This version further advanced VDI integration by enhancing Remote Desktop Virtualization Host compatibility with , supporting pooled and personal virtual desktops for early cloud-hybrid deployments.

Windows 10 and Modern Enhancements (10.0 and Beyond)

With the release of in 2015, Remote Desktop Protocol version 10.0 introduced significant enhancements in video compression, leveraging H.264/AVC encoding to improve for remote sessions, including for full-screen AVC 444 mode that provides higher fidelity for graphics and video playback. This upgrade reduced bandwidth usage while maintaining visual quality, particularly beneficial for scenarios involving dynamic content. Additionally, Remote Desktop Web Access saw improvements in and , allowing better browser-based connections through enhanced and streamlined authentication flows. RDP 10.0 also reinforced security by requiring TLS encryption for connections, supporting versions 1.0 and higher. Subsequent updates to and later versions built on these foundations, integrating TLS 1.2 by default in 2016 and extending to TLS 1.3 support starting in 2020 previews, enhancing encryption strength against evolving threats. Multi-monitor configurations were refined to better handle resolutions, enabling seamless spanning across high-DPI displays with reduced latency through optimized display remoting. Integration with , launched in 2019 and matured through 2025, embedded RDP as the core protocol for cloud-hosted virtual desktops, supporting features like RDP Shortpath for direct UDP-based connections that bypass gateways for lower latency in hybrid environments. These advancements facilitated by prioritizing reliability over varied networks, with RDP Multipath introduced in 2023 to aggregate multiple transport paths for resilient sessions. By 2025, RDP in 2025 emphasized continuity with incremental bug fixes and performance tweaks, such as refined / handling to mitigate connection drops in unstable networks, without introducing a new major version. hardening accelerated post-2020 vulnerabilities, incorporating mandatory stronger ciphers, automatic certificate enrollment for TLS, and Zero Trust principles like just-in-time access in integrations to safeguard work setups. Concurrently, deprecated the Remote Desktop app on May 27, 2025, transitioning users to the unified Windows App, which maintains full RDP compatibility while adding streamlined support for , Windows 365, and on-premises sessions. This shift underscores RDP's evolution toward a more secure, cloud-agnostic for distributed workforces.

Technical Specifications

Protocol Stack and Layers

The Remote Desktop Protocol (RDP) utilizes a layered architecture to support remote access over network connections, drawing from established standards for multipoint communication while incorporating Microsoft-specific extensions for desktop remoting. The protocol stack begins at the , which employs on port 3389 as the primary mechanism for reliable, connection-oriented data delivery between client and server; support was added in later versions, such as RDP 8.0 and beyond, to enable enhanced performance in bandwidth-constrained or high-latency environments through techniques like recovery. Above the transport layer lies the RDP-specific layer, responsible for core functionalities including graphics remoting via compressed updates and orders, forwarding of user input such as and mouse events, and coordination of virtual channels that allow extension protocols for features like or device redirection without altering the base stack. This layer encapsulates Protocol Data Units (PDUs) tailored to RDP, such as those for caching to reduce usage and input to ensure low-latency responsiveness. The middle layers integrate standards from the T.120 series to handle multiplexing and control. The Generic Conference Control () layer, based on ITU-T Recommendation T.124, manages initial connection negotiation by establishing a virtual conference between client and server, including the exchange of conference create requests and responses that define session parameters like node identifiers and conductor roles. Directly above GCC is the Multipoint Communication Service (MCS) layer, derived from ITU-T Recommendation T.125, which provides channel multiplexing to segment traffic into logical streams—such as static channels for core RDP data (e.g., I/O for and ) and dynamic virtual channels for pluggable extensions—while supporting prioritization and segmentation for efficient data flow over the single transport connection. Key packet structures within this stack include the X.224 Connection-Request and Connection-Confirm PDUs at the for initial handshake and parameter negotiation, MCS Connect-Initial and Connect-Response PDUs that embed GCC conference data for capability alignment, dedicated licensing PDUs to verify and issue temporary licenses per Services requirements, and capabilities exchange PDUs—such as the server's Demand-Active PDU—that detail supported features like algorithms, color depths, and modes to ensure compatibility. These structures operate within the layered to abstract underlying details, enabling modular extensions without disrupting the core .

Connection Establishment

The connection establishment in Remote Desktop Protocol (RDP) begins with the client initiating a connection to the on port 3389, establishing a reliable for subsequent exchanges. Following the three-way , the client sends an X.224 Request PDU, which encapsulates RDP Negotiation Request data if using the security-enhanced connection sequence; this request includes protocol flags indicating support for standard RDP security, enhanced security (e.g., TLS), or CredSSP, along with a for identification. The responds with an X.224 Confirm PDU, confirming the connection parameters and selected security , such as TLS 1.0 or higher for encrypted sessions. Next, the basic settings exchange occurs through the Multi-Channel Service (MCS) layer, where the client transmits an MCS Connect Initial PDU containing core data like desired , maximum , keyboard layout, and supported compression methods. The server replies with an MCS Connect Response PDU, providing its own core data, including network type (e.g., or for optimization) and settings such as level (low, client-compatible, high, or FIPS-compliant). This exchange ensures compatibility for session parameters, with the server validating the client's requested capabilities against its own limits. The licensing phase follows, where the server issues a license to the client to authorize remote access; if the client lacks a valid , the server provides a temporary one valid for 90 days or directs the client to obtain a permanent from a Remote Desktop License Server. This process uses License Warning or License Request PDUs, ensuring compliance with Microsoft's licensing model without interrupting the connection flow. Channel creation then takes place via MCS Erect Request, MCS Attach Request, and MCS Join Request PDUs from the client, establishing virtual channels for I/O redirection such as input, clipboard sharing, printer redirection, and drive mapping. The server responds with corresponding MCS Confirm PDUs, dynamically allocating IDs (e.g., static channels 1001–1019 for core functions like RDPDR for device redirection) and confirming joins for supported channels. Finally, security negotiation is integrated throughout but finalized here, where the selected encryption method (e.g., or via CredSSP) is activated, and the server may present a for validation by the client to ensure the connection's and . If TLS is chosen, the client verifies the server's against trusted authorities before proceeding, mitigating man-in-the-middle risks. This completes the establishment, transitioning to data exchange over the secured channels.

Features

Graphics and Display Remoting

The Remote Desktop Protocol (RDP) primarily employs bitmap-based remoting to transmit visual output from the to the client, where the captures screen regions or the entire as bitmaps and encodes them for efficient transfer over . This approach involves dividing the screen into tiles or regions, updating only changed areas to minimize data volume, and leveraging virtual channels dedicated to graphics data for seamless integration with the core . Compression techniques in RDP graphics remoting focus on reducing bandwidth while preserving visual fidelity, with NSCodec serving as a key method for handling 24-bit and 32-bit per pixel (bpp) bitmaps in sessions operating at 32 bpp. NSCodec applies a combination of planar encoding and predictive techniques to exploit spatial redundancies in desktop images, achieving significant compression ratios for static or slowly changing content like application windows. Similarly, RLGR (Run-Length Golomb-Rice) compression, integrated into advanced codecs, uses entropy coding to efficiently represent runs of identical pixels and residual data, enhancing performance in scenarios with repetitive graphical elements. For initial screen loads and dynamic updates, RDP incorporates progressive encoding mechanisms that prioritize low-frequency components of the image, allowing clients to render a coarse version quickly before refining details, which improves perceived responsiveness. Cache management further optimizes remoting by storing frequently used bitmaps and glyphs on the client side, such as off-screen bitmaps and font caches, to avoid retransmission of unchanged elements across sessions or updates. This persistent caching, organized into multiple levels (e.g., primary and secondary caches), reduces latency for repeated UI elements like icons and menus. Modern RDP versions support high-resolution displays up to (3840x2160) and configurations, enabling seamless spanning across multiple client monitors for immersive workflows. Introduced in RDP 8.0 and enhanced in RDP 10.0, H.264/AVC encoding provides GPU-accelerated compression for both static graphics and video content, supporting resolutions with modes like AVC 444 for high-fidelity . In RDP implementations like , HEVC/H.265 hardware encoding support became generally available in June 2025, enabling improved compression efficiency for video content and higher resolutions when using compatible GPUs. , introduced in RDP 7.0 for and Server 2008 R2, provided a lossy based on discrete transforms (DWT) and RLGR, leveraging server-side to accelerate graphics rendering and compression; however, it was deprecated in 2020 due to vulnerabilities and is no longer supported in modern Windows versions.

Input and Multimedia Support

The Remote Desktop Protocol (RDP) facilitates the redirection of user inputs from the client to the server, enabling seamless interaction with remote sessions. and events are forwarded through input Protocol Data Units (PDUs), which are transmitted via slow-path or fast-path mechanisms to minimize latency and ensure between client actions and server responses. The slow-path approach, akin to T.128 input standards, handles detailed event data, while the fast-path optimizes for high-frequency inputs like movements by reducing overhead. Additionally, the RDP Core Input Extension supports remoting of these inputs over transport for enhanced performance in low-latency scenarios. Clipboard redirection in RDP allows bidirectional transfer of content such as text, images, and files between the local client and remote session, enhancing productivity by integrating local resources into remote workflows. This feature operates through virtual channels that serialize clipboard data and enforce configurable policies for format support and transfer direction, preventing unauthorized data exfiltration while permitting essential operations like copying code snippets or screenshots. Administrators can limit redirection to specific data types, such as plain text or bitmap images, via Group Policy settings to balance usability and control. RDP supports audio redirection for both playback and recording, leveraging dynamic channels to stream media without interrupting the primary session. Server-generated audio, such as sounds or application output, is redirected to the client's speakers for playback, while client can capture and send audio to the server for recording or input in applications like chats. These channels, which are software extensions negotiated during setup, enable efficient of audio streams alongside other data, supporting formats like PCM and ensuring low-latency delivery through configurable quality settings. For instance, in remote collaboration tools, this allows users to hear remote media while using local hardware for input, with policies controlling bandwidth allocation to prioritize audio fidelity. Printer redirection maps local printers to the remote session, allowing users to print directly from remote applications to attached devices as if they were locally connected. RDP creates virtual printer drivers on the that emulate client printers, supporting formats like PCL and for seamless job and driver matching. Similarly, drive redirection exposes local fixed, removable, or network drives to the remote environment, enabling file access and transfer without manual uploads. This mapping uses virtual channels to mount drives transparently, with options to restrict access to read-only or specific paths via to maintain session isolation. USB device redirection provides plug-and-play support for peripherals, allowing local like storage drives, webcams, or input devices to be enumerated and used within the remote session. RDP's USB redirection filters and forwards device descriptors and data packets, supporting USB 2.0 and higher speeds through isochronous or bulk transfers over virtual channels. Configurations can selectively enable redirection for classes like Human Interface Devices (HID) or , ensuring compatibility while applying filters to block high-risk peripherals, thus integrating local hardware into remote workflows efficiently.

Security

Authentication and Encryption

The Remote Desktop Protocol (RDP) employs two primary authentication mechanisms: standard RDP authentication and Network Level Authentication (NLA). Standard RDP authentication occurs after the initial connection is established, where the client connects to the server and is then prompted for credentials through the server's login interface, allowing verification against the server's authentication store such as local accounts or Active Directory. In contrast, NLA provides an additional layer of security by requiring credential validation prior to creating a full remote session, using the Credential Security Support Provider (CredSSP) to securely transmit and verify user credentials at the network level, thereby preventing unauthorized session initiation. For encryption, RDP utilizes distinct methods depending on the security mode. In legacy Standard RDP Security, data is protected using the with configurable levels: Low (encrypting only client-to-server data with a 40-bit key), Client Compatible (negotiating the highest mutual level), High (128-bit keys for bidirectional ), and FIPS Compliant (restricted to Federal Information Processing Standards-approved algorithms). Modern implementations favor Enhanced RDP Security, which wraps RDP traffic in (TLS) protocols, supporting versions up to TLS 1.3 since and , with TLS 1.3 support in Schannel available from but limited reliability in early RDP implementations, enabling stronger ciphers such as AES-128 or AES-256 for data confidentiality and integrity. This TLS integration also facilitates certificate-based server authentication, where the server presents an certificate during the TLS handshake to verify its identity, mitigating man-in-the-middle attacks by ensuring clients connect only to trusted endpoints. RDP's FIPS compliance modes are designed for environments requiring adherence to U.S. government standards, such as federal agencies. In FIPS Compliant mode under Standard RDP Security, only validated cryptographic modules are used, excluding non-compliant algorithms like RC4 and enforcing AES-based encryption with appropriate key lengths (e.g., 128-bit or 256-bit) to meet FIPS 140-2 or later validation requirements. When using Enhanced RDP Security with TLS, FIPS compliance is achieved by selecting cipher suites from the Schannel library that align with FIPS-approved implementations, ensuring all encryption operations during connection establishment and data transfer conform to these standards.

Known Vulnerabilities

The Remote Desktop Protocol (RDP) has faced several critical security vulnerabilities over its evolution, particularly in its , handling, and remote code execution mechanisms, exposing systems to unauthorized access and exploitation. These flaws have primarily affected Windows implementations, where RDP is natively integrated, and have prompted extensive patching efforts by . One of the most severe historical vulnerabilities is , designated CVE-2019-0708, a pre-authentication remote code execution (RCE) flaw in the component. This vulnerability allows an unauthenticated attacker to send specially crafted requests to unpatched systems running RDP versions from 5.1 to 10.0, potentially executing arbitrary code without user interaction, and is considered "wormable" due to its ability to self-propagate across networks. It impacts , Server 2008 R2, and earlier versions, with Microsoft releasing emergency patches in May 2019 even for end-of-support operating systems to mitigate widespread exploitation risks. Following , Microsoft addressed DejaBlue, comprising CVE-2019-1181 and CVE-2019-1182, which are similar pre- RCE vulnerabilities in . These flaws affect patched systems on through , exploiting heap overflow conditions in the RDP channel handling to enable remote code execution without authentication. Patched in August 2019, DejaBlue also carries wormable potential, though it requires specific conditions in the RDP to trigger, and affects a broad range of versions including Server 2008 through 2019. Another significant issue involves the Credential Security Support Provider (CredSSP), targeted by CVE-2018-0886, a remote code execution vulnerability stemming from improper validation during the process in RDP's Network Level (NLA) mode. This flaw enables man-in-the-middle (MITM) attacks where an attacker could intercept and manipulate credentials forwarded via CredSSP, potentially leading to unauthorized remote on systems with NLA enabled but unpatched. Microsoft issued updates in March 2018, recommending reconfiguration of CredSSP settings to "Vulnerable" mode temporarily for compatibility, though this increases exposure until full patching. RDP's default exposure on TCP port 3389 has also facilitated brute-force attacks, where attackers repeatedly attempt guesses against open RDP endpoints, exploiting weak default configurations and lack of in older implementations. This port-scanning is exacerbated by RDP's transmission in non-encrypted sessions, making it a common for unauthorized attempts across internet-exposed systems. In 2025, continued addressing RDP-related flaws through cumulative updates, including the October release (KB5066835), which patched CVE-2025-58737, an important RCE vulnerability in the RDP affecting and Server versions. This update resolves issues in connection establishment that could allow remote exploitation, building on earlier 2025 fixes for buffer overflows like CVE-2025-29966 and CVE-2025-29967 in Remote Desktop Gateway services.

Implementations

Client Applications

Client applications for the Remote Desktop Protocol (RDP) enable users to connect to remote Windows systems from various devices, implementing the of the to handle connection negotiation, input transmission, and display rendering. The primary official client on Windows is Remote Desktop Connection, known as mstsc.exe, a built-in tool available since that supports RDP versions up to 10.0 and remains fully supported as of 2025 for connecting to local and remote desktops. This lightweight executable provides core functionality such as bitmap caching for efficient graphics remoting and supports features like redirection and without requiring additional installation. Microsoft's , a (UWP) application available via the , introduced modern features like support and dynamic but reached end of support on May 27, 2025, and was replaced by the . The , released in preview in 2024 and generally available across platforms (Windows, macOS, , , and web) by April 2025, serves as the unified successor, supporting RDP alongside other protocols for and Windows 365, with enhanced multi-session management allowing users to organize and switch between multiple remote connections seamlessly. It provides touch-optimized interfaces for mobile devices, biometric authentication, support for external displays, and auto-reconnect functionality, integrating with for secure . Open-source third-party clients provide alternatives for non-Windows environments, particularly . FreeRDP, an Apache-licensed implementation, is a versatile library and client supporting RDP versions 5 through 10, with its latest stable release, version 3.18.0 in November 2025, featuring improved security protocol handling and cross-platform builds for , macOS, and Windows. On , rdesktop is a , open-source client under the GNU GPL that supports older RDP versions, sound redirection, and , but it is no longer actively maintained and is best suited for legacy compatibility. For macOS, while legacy options like CoRD (last updated in 2012) exist for simple RDP access, the official recommendation is the Windows App.

Server Implementations

The primary server implementation of the Remote Desktop Protocol (RDP) is Microsoft's (), integrated into editions from 2008 onward, enabling multi-user remote access to desktops and applications through session hosts. supports two main licensing modes: Per User Client Access Licenses (CALs), which grant access based on individual user identities, and Per Device CALs, which tie licenses to specific client devices for shared user environments. This infrastructure has evolved through versions up to 2025, incorporating enhancements like improved multi-session capabilities for multi-session. The Terminal Services role, rebranded as in , configures servers to host multiple concurrent user sessions, allowing centralized management of virtual desktops and remote applications. For external access, the Remote Desktop Gateway (RD Gateway) role facilitates secure RDP connections over the internet by tunneling traffic through , reducing the need for direct exposure of session hosts. Open-source alternatives include , an RDP-compatible server for and Unix systems that emulates RDP to allow connections from Windows clients and other RDP tools. integrates with X11 for graphical sessions and supports authentication methods like , making it suitable for cross-platform remote access without . In cloud environments, leverages RDP 10.0 as its core protocol for delivering virtualized Windows desktops and apps, supporting scalability across Azure regions with features like automatic session reconnection. Similarly, (AWS) WorkSpaces provides RDP support for direct connections to provisioned Windows desktops, primarily for troubleshooting and administrative access alongside its native client. For scalability in large deployments, the RD Connection Broker manages load balancing across RDP server farms by directing incoming connections to available session hosts, supporting through clustered configurations and SQL Server backends. This enables farms to handle hundreds of simultaneous sessions while maintaining session persistence during failovers.

Legal and Ethical Considerations

Patents and Licensing

The Remote Desktop Protocol (RDP) is protected by a portfolio of patents held by Microsoft, primarily covering core technologies such as bitmap caching for efficient remote presentation of graphics, data compression algorithms to reduce bandwidth usage, and virtual channels for multiplexing additional data streams like audio or printer redirection. For instance, U.S. Patent 8,189,661 (issued 2012) details a tile-based compression method for RDP bitmaps, enabling higher-quality remote sessions by optimizing image differencing and encoding. Similarly, U.S. Patent 8,180,905 (issued 2012) describes a user-mode architecture for processing virtual channel data in RDP, separating encoding from kernel operations to enhance security and performance. Early patents from the late 1990s and early 2000s related to foundational RDP elements, including bitmap caching mechanisms, have largely expired by 2025 under the standard 20-year term from filing date, while more recent ones remain enforceable or available via licensing agreements. To promote interoperability, Microsoft published RDP technical specifications starting in 2008 as part of its Open Specifications program, covered under the Microsoft Open Specifications Promise. This irrevocable covenant grants royalty-free rights to implement the documented protocols without fear of patent infringement claims from Microsoft, provided the implementation adheres to the specs for compatibility purposes and does not extend to unrelated technologies. The promise, originally announced in 2006 and applicable to RDP documentation like the Basic Connectivity and Graphics Remoting specification, facilitates development of third-party clients and servers while protecting Microsoft's intellectual property. Commercial use of RDP in server environments requires Client Access Licenses (CALs) under Microsoft's (RDS) licensing model. CALs are mandatory for each user or device connecting to an RDS host server beyond basic , available in per-user (assigned to specific authenticated users, suitable for workforces) or per-device (tied to , ideal for shared kiosks) variants, and must be acquired from or authorized resellers to ensure compliance. These licenses are validated against an RDS license server, enforcing usage limits to prevent unlicensed access. Early development of RDP involved collaboration with , culminating in a cross-licensing and technology development agreement that addressed similarities between Microsoft's RDP and Citrix's Independent Computing Architecture (ICA). Under this deal, Microsoft licensed ICA technology to integrate multi-user capabilities into , paving the way for RDP's evolution while granting Citrix to Windows ; no subsequent major disputes arose, solidifying a for remote innovations.

Role in Cybercrime

Cybercriminals frequently exploit the Remote Desktop Protocol (RDP) through brute-force attacks and , targeting systems with exposed port 3389, the default RDP port. Attackers scan for open RDP ports using tools like and then employ password-cracking software such as to attempt unauthorized access by trying common username-password combinations or stolen credentials at high speeds. These methods are particularly effective against organizations with weak passwords or unpatched systems, enabling initial network entry for further malicious activities like or deployment. RDP also plays a key role in ransomware operations, where groups such as and Conti integrate RDP capabilities into their for post-breach persistence and lateral movement. Once initial access is gained—often via or exploited vulnerabilities—attackers enable or manipulate RDP sessions to maintain , evade detection, and navigate networks without deploying additional tools that might trigger alerts. For instance, actors have been observed using RDP to execute commands and deploy payloads across compromised environments, while Conti has leveraged it for sustained access during encryption phases. This technique allows ransomware affiliates to operate efficiently , prolonging their and increasing the likelihood of successful . Notable incidents highlight RDP's vulnerability in large-scale . In 2019, the vulnerability (CVE-2019-0708) prompted widespread scanning campaigns, as it enabled remote code execution without , posing a wormable threat that could spread like WannaCry across unpatched Windows systems. More recently, from 2023 to 2025, attackers have targeted unpatched RDP servers in compromises, such as using stolen RDP credentials to deploy like Cephalus in mid-2025 breaches affecting multiple vendors. These attacks often exploit known vulnerabilities for initial footholds, amplifying impact across interconnected organizations. Compromised RDP access is a staple commodity on dark web markets, where initial access brokers sell credentials to RDP-enabled systems for $10–100 per month, depending on the target's location, bandwidth, and privileges. Low-value accounts from small businesses or residential IPs fetch lower prices, while enterprise-level commands premiums due to their utility in , , or further staging. This marketplace lowers the barrier for less-skilled criminals, fueling a cycle of exploitation. In response to these threats, mitigation trends emphasize avoiding direct RDP exposure to the internet, with organizations increasingly adopting virtual private networks (VPNs) to tunnel RDP traffic securely. VPNs obscure RDP ports from public scans and enforce additional authentication layers, reducing brute-force success rates; however, they must be properly configured to avoid introducing new vulnerabilities. This shift reflects broader cybersecurity guidance prioritizing over legacy remote access protocols.

References

  1. [1]
    Remote Desktop Protocol - Win32 apps | Microsoft Learn
    Aug 19, 2020 · The Microsoft Remote Desktop Protocol (RDP) provides remote display and input capabilities over network connections for Windows-based applications running on a ...
  2. [2]
    Understanding Remote Desktop Protocol (RDP) - Windows Server
    Jan 15, 2025 · This article describes the Remote Desktop Protocol (RDP) that's used for communication between the Terminal Server and the Terminal Server Client.
  3. [3]
    Internet Accessible Remote Desktop Protocol (RDP)
    Since the Microsoft Corporation first included RDP with Windows NT 4.0 Terminal Server Edition in 1998, They have released twenty (20) security updates and ...<|control11|><|separator|>
  4. [4]
    What is RDP? Remote Desktop Protocol Explained - Twingate
    Sep 14, 2021 · Microsoft introduced Remote Desktop Protocol in 1998 as part of Windows NT Server 4.0 Terminal Server Edition. Its original purpose was to let ...
  5. [5]
    [MS-RDSOD]: Remote Desktop Services Protocols Overview
    Mar 12, 2023 · Remote Desktop protocols allow users to initiate sessions on a server, run programs, save files, and use network resources, supporting multiple ...Published Version · Previous Versions
  6. [6]
    [MS-RDPBCGR]: Remote Desktop Protocol: Basic Connectivity and ...
    Sep 3, 2022 · Specifies the Remote Desktop Protocol: Basic Connectivity and Graphics Remoting, designed to facilitate user interaction with a remote computer system.Published Version · Previous Versions
  7. [7]
    What is Remote Desktop Protocol? How does RDP work? - Fortinet
    RDP is a secure network communication protocol developed by Microsoft. It enables users to control and operate computers from a distance remotely.
  8. [8]
    What is Remote Desktop Services (RDS) in 2025? | GO-Global
    Oct 22, 2025 · It was first released in 1998 as Terminal Server in Windows NT 4.0 Terminal Server Edition and was renamed Remote Desktop Services in the 2009 ...
  9. [9]
    What is Remote Desktop Protocol (RDP)? | Definition from TechTarget
    Oct 25, 2024 · RDP is a secure network communications protocol developed by Microsoft. It enables network administrators to remotely diagnose problems that users encounter.
  10. [10]
    What is the Remote Desktop Protocol (RDP)? - Cloudflare
    RDP was initially released by Microsoft and is available for most Windows operating systems, but it can be used with Mac operating systems too.
  11. [11]
    Remote Desktop Services overview in Windows Server
    Oct 30, 2025 · Remote Desktop Services (RDS) in Windows Server is a built-in platform for securely delivering managed desktops and applications to users, ...
  12. [12]
    Microsoft Security Bulletin MS02-051 - Moderate
    For instance: Windows NT 4.0, Terminal Server Edition implements RDP 4.0. Terminal Services in Windows 2000 implements RDP 5.0.
  13. [13]
    Remote Desktop Services virtual channels - Win32 apps
    Aug 23, 2019 · Virtual channels are software extensions that can be used to add functional enhancements to a Remote Desktop Services application.Missing: evolution | Show results with:evolution
  14. [14]
    [MS-RDPEDYC]: Overview - Microsoft Learn
    Apr 23, 2024 · The Remote Desktop Protocol (RDP) layer manages the creation, setup, and data transmission over the virtual channel. A DVC consists of two ...
  15. [15]
    Ports that are used by Remote Desktop Services - Microsoft Learn
    Feb 8, 2025 · TCP 3389: Used for connections to non-managed VM pools. Managed machines use Virtual Machine Bus (VMBus) to open ports. TCP 3389: Client port ...From client to RD resource · Remote Desktop Connection...Missing: transport | Show results with:transport
  16. [16]
    [MS-RDPEUDP]: Remote Desktop Protocol: UDP Transport Extension
    Jun 24, 2021 · Specifies the Remote Desktop Protocol: UDP Transport Extension, which extends the transport mechanisms in the Remote Desktop.
  17. [17]
    Remote Desktop Services roles - Microsoft Learn
    Jul 3, 2024 · This lets users connect through the internet using the HTTPS communications transport protocol and the UDP protocol, respectively. The ...
  18. [18]
    Connect to Remote Desktop Services in Windows Server
    May 19, 2025 · Learn how you can connect to a remote session from Remote Desktop Services in Windows Server using Windows App or the Remote Desktop client.Microsoft Ignite · Android · Get started with the web client · iOS/iPadOS
  19. [19]
    Microsoft Releases Windows NT Server 4.0 Terminal Server Edition
    Today at PC Expo, Microsoft Corp. announced the release to manufacturing of Microsoft® Windows NT® Server 4.0 ...
  20. [20]
    [MS-RDPBCGR]: Appendix A: Product Behavior | Microsoft Learn
    Sep 3, 2022 · Microsoft RDP servers apply only the active locale identifier to a newly created session. The value is ignored when connecting to an existing session.
  21. [21]
    [MS-RDPBCGR]: RDP 5.0 - Microsoft Learn
    Apr 7, 2025 · 1). RDP 5.0 has a history buffer size of 64 kilobytes, thus both endpoints MUST maintain a 64 kilobyte window.
  22. [22]
    Microsoft Security Bulletin MS09-044 - Critical
    Aug 11, 2009 · This security update resolves two privately reported vulnerabilities in Microsoft Remote Desktop Connection. The vulnerabilities could allow remote code ...
  23. [23]
    [DOC] RDP Performance Whitepaper - Microsoft Download Center
    Oct 13, 2008 · This paper details different RDP features and the potential impact to usability and bandwidth. To test the impact of different features and ...
  24. [24]
    [DOC] WS08PerformanceTuningGuideF...
    Themes (RDP file setting: disable themes:i:1), when disabled, reduces bandwidth by simplifying theme drawings that use the classic theme. • Bitmap cache (RDP ...
  25. [25]
    [MS-RDPEA]: Appendix A: Product Behavior - Microsoft Learn
    Jun 24, 2021 · ... Windows, which support audio redirection. Unless otherwise specified ... Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2 ...
  26. [26]
    Description of the Remote Desktop Connection 6.1 client update for ...
    Jan 15, 2025 · This article discusses the Remote Desktop Connection (RDC) 6.1 client update that helps you use the new Terminal Services features.
  27. [27]
    Remote Desktop Services (Remote Desktop Services) - Win32 apps
    Dec 10, 2020 · Remote Desktop Services (formerly known as Terminal Services) allow a server to host multiple, simultaneous client sessions.Purpose · Where applicableMissing: evolution | Show results with:evolution
  28. [28]
    [DOC] WS08TechnicalOverviewFinal_En.docx - Microsoft Download Center
    In Windows Server 2008 Terminal Services Gateway and Terminal Services ... Multi-site clustering in Windows Server 2008 makes it possible to provide failover ...
  29. [29]
    [MS-RDPRFX]: Remote Desktop Protocol: RemoteFX Codec Extension
    Jun 24, 2021 · The RemoteFX Codec Extension uses a lossy image codec to encode screen images with efficient and effective compression.
  30. [30]
    Windows 7 / Windows Server 2008 R2: What&#8217;s New in ...
    Oct 12, 2009 · True Multiple Monitor support - Remote Desktop Connection (RDC) 7.0 and Windows Server 2008 R2 enable support for up to 16 monitors. This ...<|control11|><|separator|>
  31. [31]
    Introducing Microsoft RemoteFX USB Redirection: Part 1
    A RemoteFX-capable client (Remote Desktop Connection 7.1 or later) · A virtual machine hosted on a RemoteFX host (Windows 7 SP1 or later).
  32. [32]
    [PDF] Windows Server 2008 R2 SP1 Technical Overview
    Microsoft has fixed multiple MSI-related issues with Windows Server 2008's Terminal Services to ensure that MSI install packages can be installed normally and ...
  33. [33]
    Understanding and Evaluating RemoteFX vGPU on Windows Server ...
    Sep 8, 2018 · *Enabling RemoteFX vGPU for a Windows 7 virtual machine results in a RDP 7.1 protocol. Enabling and Disabling Hardware Acceleration. As you ...
  34. [34]
    Remote Desktop Protocol (RDP) 8.0 update for Windows 7 and ...
    The Remote Desktop Protocol (RDP) 8.0 update lets you use the new Remote Desktop Services features that were introduced in Windows 8 and Windows Server 2012.<|control11|><|separator|>
  35. [35]
    s new in Windows Server 2012 Remote Desktop Gateway
    Sep 7, 2018 · Windows 7 SP1 with RDP 8.0 update. HTTP; UDP; RPC over HTTP (fallback) ... remote desktop clients that request a connection through RD Gateway in ...<|separator|>
  36. [36]
    Update for RemoteApp and Desktop Connections feature is ...
    Introduction. This article describes the Remote Desktop Connection (RDC) 8.1 client update that lets you use the new Remote Desktop Services features.
  37. [37]
    Remote Desktop Protocol (RDP) 10 AVC/H.264 improvements in ...
    With RDP 8, we introduced RemoteFX Media Streaming which uses AVC/H.264 to remote video content detected on the server. RemoteFX Media Streaming replaced Multi ...Missing: channel | Show results with:channel
  38. [38]
    What's New in the Remote Desktop Web Client - Microsoft Learn
    Added support for redirecting local microphone input to the remote session. Fixed issues with AltGr and several other keyboard bugs. Accessibility improvements.
  39. [39]
    RDS Connection Broker or RDMS fails after you disable TLS 1.0 in ...
    Jan 15, 2025 · This article provides methods to make sure Remote Desktop service (RDS) Connection Broker and Remote Desktop Management service (RDMS) can work as expected.<|separator|>
  40. [40]
    Understanding Azure Virtual Desktop network connectivity
    Sep 4, 2025 · Azure Virtual Desktop uses Remote Desktop Protocol (RDP) to provide remote display and input capabilities over network connections.Missing: definition | Show results with:definition
  41. [41]
    how to make 4k resolution for remote desktop connection
    Oct 20, 2025 · I have setup Remote Desktop Client on my Window 11 with full screen 3840x2160 resolution. When the remote desktop is connected, it flashes and ...
  42. [42]
    Use RDP Multipath to improve Azure Virtual Desktop connections
    Oct 3, 2025 · Learn how RDP Multipath enhances remote connections to an Azure Virtual Desktop session by intelligently managing multiple network paths.Prerequisites · Verify Rdp Multipath... · Manage Rdp Multipath...
  43. [43]
    Manage Transport Layer Security (TLS) in Windows Server
    Apr 18, 2025 · The Windows 10 Policy CSP supports configuration of the TLS Cipher Suites. For more information, see Cryptography/TLSCipherSuites. Configure ...
  44. [44]
    Windows App to replace Remote Desktop app for Windows
    Starting May 27, 2025, the Remote Desktop app for Windows from the Microsoft Store will no longer be supported or available for download and installation.
  45. [45]
    Get started with Windows App to connect to devices and apps
    Apr 2, 2025 · Learn how to securely connect to devices and apps from Azure Virtual Desktop, Windows 365, Microsoft Dev Box, Remote Desktop Services, ...Windows App · Windows App documentation · What's new in Windows App
  46. [46]
    [MS-RDPBCGR]: Introduction - Microsoft Learn
    Apr 23, 2024 · The Remote Desktop Protocol: Basic Connectivity and Graphics Remoting facilitates user interaction with a remote computer system.
  47. [47]
    [MS-RDPBCGR]: Glossary - Microsoft Learn
    Oct 30, 2024 · Remote Desktop Protocol (RDP): A multi-channel protocol that allows a user to connect to a computer running Microsoft Terminal Services (TS).
  48. [48]
    T.124 : Generic Conference Control - ITU
    Number, Title, Status ; T.124 (01/07), Generic Conference Control, In force ; Superseded and Withdrawn components ; Number, Title, Status.
  49. [49]
    [MS-RDPBCGR]: Relationship to Other Protocols | Microsoft Learn
    Sep 3, 2022 · Multipoint Communication Service Protocol Specification [T125]. Multipoint Application Sharing [T128]. The following protocols are tunneled ...
  50. [50]
    [MS-RDPBCGR]: Versioning and Capability Negotiation
    Apr 7, 2025 · Capability negotiation for RDP is essentially the same as for T.128. The server advertises its capabilities in a Demand Active PDU sent to the client.
  51. [51]
    [MS-RDPBCGR]: Connection Sequence - Microsoft Learn
    Apr 7, 2025 · The goal of the RDP Connection Sequence is to exchange client and server settings and to specify common settings to use for the duration of the connection.
  52. [52]
    [MS-RDPBCGR]: Security-Enhanced Connection Sequence
    Apr 7, 2025 · The goal of the Security-Enhanced Connection Sequence is to provide an extensible mechanism within RDP so that well-known and proven security protocols<|control11|><|separator|>
  53. [53]
    NSCodec Bitmap Compression - MS-RDPNSC - Microsoft Learn
    Feb 14, 2019 · NSCodec bitmap compression is used when the RDP session color depth is 32 bpp and the bitmap of interest is either 24 bpp.Missing: remoting | Show results with:remoting
  54. [54]
    [MS-RDPNSC]: Protocol Overview (Synopsis) - Microsoft Learn
    Jun 24, 2021 · The Remote Desktop Protocol: NSCodec Codec Extension reduces the bandwidth associated with desktop remoting by efficiently compressing 24 bits ...
  55. [55]
    [MS-RDPRFX]: RLGR3 | Microsoft Learn
    In general, RLGR3 encodes faster than RLGR1 but is marginally worse in terms of compression ratio. Additional resources ...Missing: RDP | Show results with:RDP
  56. [56]
    Graphics encoding over the Remote Desktop Protocol
    Mixed-mode · Full-screen video encoding · Hardware GPU acceleration · Chroma subsampling support for 4:2:0 and 4:4:4.
  57. [57]
    [PDF] [MS-RDPEGFX-Diff]: Remote Desktop Protocol
    The Remote Desktop Protocol: Graphics Pipeline Extension is designed to operate over a non-lossy dynamic virtual channel, as specified in [MS-RDPEDYC] sections ...
  58. [58]
    Supported Configurations for Remote Desktop Services
    Jul 7, 2025 · The following guest operating systems have RemoteFX vGPU support: Windows 11; Windows 10; Windows Server, in a single-session deployment only ...
  59. [59]
    RemoteFX Codec - MS-RDPRFX - Microsoft Learn
    Apr 23, 2024 · The entropy coding is performed using the Run-Length Golomb-Rice Coder (RLGR) ([ARLGR] section 3), which yields compression gains at relatively ...Missing: RDP | Show results with:RDP
  60. [60]
    [MS-RDPBCGR]: Keyboard and Mouse Input - Microsoft Learn
    Apr 7, 2025 · The client sends mouse and keyboard input PDUs in two types: slow-path and fast-path. Slow-path is similar to T.128 input.Missing: Remote Desktop
  61. [61]
    [MS-RDPECI]: Remote Desktop Protocol: Core Input Virtual Channel ...
    Apr 23, 2024 · The Remote Desktop Protocol: Core Input Virtual Channel Extension enables remoting of keyboard and mouse pointer input over the UDP transport.
  62. [62]
    Configure clipboard redirection over the Remote Desktop Protocol
    Jun 20, 2025 · You can configure the redirection behavior of the clipboard between a local device and a remote session over the Remote Desktop Protocol (RDP).Missing: docs | Show results with:docs
  63. [63]
    Configure audio and video redirection over the Remote Desktop ...
    Jun 20, 2025 · This article provides information about the supported redirection methods and how to configure the redirection behavior for audio and video peripherals.Missing: dynamic channels
  64. [64]
    Configure printer redirection over the Remote Desktop Protocol
    Sep 6, 2025 · You can configure the redirection behavior of printers from a local device to a remote session over the Remote Desktop Protocol (RDP).
  65. [65]
    Configure USB redirection on Windows over the Remote Desktop ...
    Jun 20, 2025 · You can configure the redirection of certain USB peripherals between a local Windows device and a remote session over the Remote Desktop Protocol (RDP).
  66. [66]
    [MS-RDPBCGR]: Enhanced RDP Security | Microsoft Learn
    Apr 7, 2025 · When Enhanced RDP Security is used, RDP traffic is no longer protected by using the techniques described in section 5.3.
  67. [67]
    [MS-RDPBCGR]: Encryption Levels - Microsoft Learn
    Apr 7, 2025 · Standard RDP Security (section 5.3) supports four levels of encryption: Low, Client Compatible, High, and FIPS Compliant.
  68. [68]
    [MS-RDPBCGR]: External Security Protocols Used By RDP
    Apr 7, 2025 · In this article​​ RDP supports seven External Security Protocols: TLS 1.0 ([RFC2246]), TLS 1.1 ([RFC4346])<53>, TLS 1.2 ([RFC5246])<54>, TLS 1.3 ...
  69. [69]
    Use certificates in Remote Desktop Services | Microsoft Learn
    Jul 14, 2025 · You can use certificates to secure connections to your Remote Desktop Services (RDS) deployment and between RDS server roles.Missing: Network Level NLA
  70. [70]
    Windows FIPS 140 validation | Microsoft Learn
    Nov 13, 2024 · This topic introduces FIPS 140 validation for the Windows cryptographic modules. The Windows cryptographic modules are used across different Microsoft products.Windows client operating... · Windows Server operating...
  71. [71]
    Microsoft Security Update Guide - CVE-2019-0708
    You need to enable JavaScript to run this app.Missing: Protocol details
  72. [72]
    https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-rdpbcgr/592a0337-dc91-4de3-a901-e1829665291d
  73. [73]
    https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-rdpbcgr/f1c7c93b-94cc-4551-bb90-532a0185246a
  74. [74]
    CVE-2018-0886 Detail - NVD
    Mar 14, 2018 · A remote code execution vulnerability due to how CredSSP validates request during the authentication process, aka "CredSSP Remote Code Execution Vulnerability".Missing: RDP | Show results with:RDP
  75. [75]
    Critical Vulnerability in CredSSP Allows Remote Execution
    Mar 13, 2018 · This vulnerability consists of a flaw in CredSSP that is used by RDP and WinRM and which takes care of securely forwarding credentials to ...
  76. [76]
    What are the security risks of RDP? | RDP vulnerabilities - Cloudflare
    RDP connections almost always take place at port 3389*. Attackers can assume that this is the port in use and target it to carry out on-path attacks, among ...
  77. [77]
    October 14, 2025—KB5066835 (OS Builds 26200.6899 and ...
    Oct 14, 2025 · This security update contains fixes and quality improvements from KB5065789 (released September 29, 2025). The following summary outlines key ...
  78. [78]
    Zero Day Initiative — The October 2025 Security Update Review
    Oct 14, 2025 · This month, Microsoft released a monstrous 177 new CVEs in Windows and Windows Components, Office and Office Components, Microsoft Edge ( ...
  79. [79]
    What's new in Windows App - Microsoft Learn
    To learn how to connect to Azure Virtual Desktop, Windows 365, Microsoft Dev Box, Remote Desktop Services, and a remote PC, see Get started with Windows App.
  80. [80]
    FreeRDP
    3.17.2 release. FreeRDP 3.17.2 has just been released and uploaded to. https://pub.freerdp.com/releases/. FreeRDP version 3.17.2 is released: ... 25 Mar 2025 » ...3.16.0 release · Of /releases · Screenshots · Blog posts
  81. [81]
    rdesktop: A Remote Desktop Protocol Client
    rdesktop is an open source UNIX client for connecting to Windows Remote Desktop Services, capable of natively speaking Remote Desktop Protocol (RDP)
  82. [82]
    CoRD: Remote Desktop for Mac OS X
    CoRD was a Mac OS X remote desktop client for Microsoft Windows computers using the RDP protocol. It's easy to use, fast, and free for anyone to use or modify.
  83. [83]
    Windows App Mobile - Previously Remote Desktop - App Store - Apple
    Rating 4.1 (6,726) · Free · iOSAudio and video streaming. • Redirect folders, your clipboard, and local devices such as microphones and cameras. • Connect your iPhone or iPad to an external ...Missing: Android | Show results with:Android
  84. [84]
    Compare Windows App features across platforms and devices
    Feb 4, 2025 · Windows App supports Windows, macOS, iOS/iPadOS, Android/Chrome OS, and web browsers, but feature support varies across these platforms.Redirection · Authentication · Intune Mobile Application...
  85. [85]
    Activate the Remote Desktop Services license server - Microsoft Learn
    Feb 14, 2025 · The Remote Desktop Services license server issues client access licenses (CALs) to users and devices when they access the RD Session Host.
  86. [86]
    xrdp by neutrinolabs
    xrdp is an open-source Remote Desktop Protocol server providing graphical login to remote machines using RDP, supporting various RDP clients.
  87. [87]
    neutrinolabs/xrdp: xrdp: an open source RDP server - GitHub
    xrdp provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp accepts connections from a variety of RDP clients.Releases 43 · Issues 223 · Neutrinolabs/xorgxrdp: Xorg... · Pull requests 34
  88. [88]
    Troubleshoot issues for WorkSpaces Personal - AWS Documentation
    To help troubleshoot issues that your users might experience, you can enable advanced logging on any Amazon WorkSpaces client.
  89. [89]
    Configure RD Connection Broker for High Availability - Microsoft Learn
    Jul 2, 2025 · This article shows you how to set up a highly available Connection Broker cluster, including prerequisites, database configuration, load balancing, and final ...Prerequisites · Configure the database for the...
  90. [90]
    US8189661B2 - Remote desktop protocol (RDP) tile image ...
    Remote desktop protocol (RDP) tile image classification for improving compression efficiency and quality.
  91. [91]
    License Remote Desktop Services with Client Access Licenses (CALs)
    Jun 16, 2025 · Each user/device connecting to Remote Desktop Services needs a CAL, which is requested from a license server. There are per-device and per-user ...
  92. [92]
    Microsoft and Citrix Sign Technology Cross-Licensing and ...
    May 12, 1997 · Under the agreement, Microsoft will license Citrix ... ICA and T.Share protocols, respectively. These protocols are used to remotely ...Missing: RDP | Show results with:RDP
  93. [93]
    Tactics, Techniques, and Procedures of Indicted State-Sponsored ...
    Mar 24, 2022 · Globally open port 3389 for RDP access; and; Attempt to add the newly created account to the administrators group to gain elevated privileges ...
  94. [94]
    [PDF] INVESTIGATING THE RANSOMWARE INFECTION RATE OF K12 ...
    Once an open RDP port is found, the hacker can run a brute force credential attack (Hail. Hydra RDP Brute Force, 2018) that has the credentials for up to 15 ...
  95. [95]
    Ransomware Double Extortion and Beyond: REvil, Clop, and Conti
    Jun 15, 2021 · Ransomware-stricken organizations grapple with multilevel extortion schemes that are advancing at an alarming rate. What exactly happens in ...
  96. [96]
    REvil Threat Actors May Have Returned (Updated)
    Jul 6, 2021 · Ransomware cases worked by Unit 42 consultants in the first six months of 2021 reveal insights into the preferred tactics of REvil threat ...
  97. [97]
    Microsoft Operating Systems BlueKeep Vulnerability - CISA
    Jun 17, 2019 · The Cybersecurity and Infrastructure Security Agency (CISA) is issuing this Activity Alert to provide information on a vulnerability, ...
  98. [98]
    https://scholarworks.lib.csusb.edu/cgi/viewcontent.cgi?article=2456&context=etd
  99. [99]
    https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/ransomware-double-extortion-and-beyond-revil-clop-and-conti
  100. [100]
    RDP Ports Prove Hot Commodities on the Dark Web - Dark Reading
    Sep 17, 2018 · Remote desktop protocol access continues to thrive in underground markets, primarily to hackers who lack expertise to find exposed ports ...Missing: sales | Show results with:sales
  101. [101]
    How to Mitigate the Risks of Internet-Exposed RDP - Coalition
    Nov 20, 2023 · Use a virtual private network (VPN). A VPN can prevent unauthorized individuals from seeing that RDP exists within the organization. · Use multi- ...How To Mitigate The Risks Of... · Why Is Internet-Exposed Rdp... · How To Remediate...
  102. [102]
    RDP and VPN Remain Top Ransomware Attack Pathways - Halcyon
    Mar 14, 2025 · While VPNs should be secured and monitored, experts advise against exposing RDP services to the internet due to their high compromise rate.