Top insights for IT pros
From cybersecurity and big data to cloud computing, IT Brew covers the latest trends shaping business tech in our 4x weekly newsletter, virtual events with industry experts, and digital guides.
Microsoft has begun the rollout of its new Windows App—a “unified experience” that lets users access a Windows device from other supported devices.
The new application supports connections to Azure Virtual Desktop, Windows 365, Microsoft Dev Box, Remote Desktop Services, and other remote PCs, according to Microsoft’s September 20 announcement. Supported platforms include Windows, macOS, and iOS, with a preview branch available for Android and ChromeOS devices. The app can also be accessed via web browsers.
As The Register pointed out, the Windows App is primarily a rebranding of Microsoft’s existing Remote Desktop client, which is in widespread enterprise use. Microsoft wrote in the announcement that Windows App supports a number of new or improved features, including customizability, account switching, and unified access. Windows App fully replaces the Remote Desktop Connection app for macOS and mobile operating systems, although that app hasn’t been deprecated on Windows.
Remote access tools, in general, pose a variety of security issues—when vulnerabilities allow for remote code execution, attackers can gain access to a system remotely, escalate privileges, pivot to other systems, and wreak havoc.
RDP also lacks built-in protection, meaning that it’s on users to implement security enhancements like multi-factor authentication, firewalls, and self-signed certificates or network-level authentication.
(Security firm ESET recommends restricting access to internal IP addresses from corporate VPN servers as an absolute baseline, as well as only allowing Remote Desk Protocol [RDP] access from a whitelist of users’ public IP addresses.)
As a result, RDP is one of the most sought out access vectors for cyber criminals.
Top insights for IT pros
From cybersecurity and big data to cloud computing, IT Brew covers the latest trends shaping business tech in our 4x weekly newsletter, virtual events with industry experts, and digital guides.
When businesses transitioned to work-from-home models during pandemic lockdowns in 2020, Ars Technica reported, internet-connected device search engine Shodan immediately registered a spike in the number of RDP servers exposed directly to the internet. In fact, in early 2021, ESET said it had detected a 768% increase in RDP attacks across all quarters of the year before.
In 2022, IBM X-Force tracked nearly 80,500 instances of RDP access being advertised on dark net markets, accounting for around 76% of all cloud account sales. A year later, X-Force found the average price of a single instance of RDP access had continued climbing, rising from $7.98 to $10.67 in 2023.
As of 2023, according to an analysis by security firm Sophos, RDP was used to establish initial access to the target endpoint in nearly two-thirds of a sample of 150 incident response cases. Around nine in 10 of those incidents involved some kind of RDP compromise.
“External remote services are a necessary, but risky, requirement for many businesses,” Sophos field CTO John Shier told TechRadar.
Maggie Malecek, a WE Communications spokesperson for Microsoft, sent IT Brew a statement quoting from a prior blog post that Windows App users will “benefit from advanced security features, including multi-factor authentication, which ensure a seamless and robust connection to your Cloud PCs.” Microsoft declined to comment further on whether the new app would have any additional security features compared to the preceding RDP client.