01-05-2021

Windows Embedded Remote Desktop



  • Remote Desktop Protocol (Windows Embedded Compact 7) In Windows Embedded Compact 7 (Compact 7), if you are an OEM, you can add support for the Remote Desktop Protocol (RDP) and Remote Desktop Connection (RDC) when you configure the OS of your devices.
  • By default on a Windows Server Product Windows Remote Management (WinRM) is enabled, but Remote Desktop (RDP) is Disabled. On workstation operating systems neither is enabled by default. For instructor-led Windows Server training, see our class schedule. Enabling RDP locally.

Enable Remote Desktop Windows 10

Summary

Microsoft provides a Linux SDK for WVD, which these three vendors use to build their own remote desktop client. There are also Windows 10 IoT Enterprise-based thin clients available from vendors such as Dell Wyse and HP. Windows 10 IoT Enterprise is basically a scaled-down version of Windows 10; its predecessor was Windows Embedded. There are many advantages of having an All-In-One network application for your remote tasks, e.g. When you use SSH to connect to a remote server, a graphical SFTP browser will automatically pop up in order to directly edit your remote files. Your remote applications will also display seamlessly on your Windows desktop using the embedded X server.

*** Vulnerable RDP servers should be patched IMMEDIATELY even where there is a potential business impact (unscheduled maintenance). Notify security@berkeley.edu if you anticipate any delays in patching. ***

A remote code execution vulnerability exists in Microsoft Remote Desktop Services – formerly known as Terminal Services.

An unauthenticated attacker can exploit this vulnerability by connecting to the target system using the Remote Desktop Protocol (RDP) and sending specially crafted requests. This vulnerability is pre-authentication and requires no user interaction.

RDP on Microsoft Server 2008/2008 R2 and Windows 7 are affected. Microsoft has also issued patches for End-of-Life operating systems Windows Server 2003 and Windows XP. [1] [2] [3]
Download

Impact

An attacker who successfully exploits this vulnerability can execute arbitrary code on the target system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.[1]

Microsoft has advised that this vulnerability is “wormable”, meaning that any future malware that exploits this vulnerability could propagate from vulnerable computer to vulnerable computer in a similar way as the WannaCry malware spread across the globe in 2017. [4]

Vulnerable

  • Microsoft Windows Server 2008 R2 for x64-based Systems SP1
  • Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1
  • Microsoft Windows Server 2008 for x64-based Systems SP2
  • Microsoft Windows Server 2008 for Itanium-based Systems SP2
  • Microsoft Windows Server 2008 for 32-bit Systems SP2
  • Microsoft Windows 7 for x64-based Systems SP1
  • Microsoft Windows 7 for 32-bit Systems SP1
  • Microsoft Windows Server 2003 SP2 x86
  • Microsoft Windows Server 2003 x64 Edition SP2
  • Microsoft Windows XP SP3 x86
  • Microsoft Windows XP Professional x64 Edition SP2
  • Microsoft Windows XP Embedded SP3 x86

Recommendations

  • Patch vulnerable systems IMMEDIATELY.

  • Patching priority should first focus on Internet-facing RDP servers, then Campus network-facing RDP servers, and finally any other RDP servers that are internal or restricted to trusted IP addresses. All vulnerable RDP servers should be patched without delay.

  • Notify security@berkeley.edu if you anticipate any delays in patching.

  • There are no known workarounds for this vulnerability. RDP servers with Network Level Authentication (NLA) enabled can mitigate wormable malware, but are still vulnerable if valid credentials are used.

References

[1] https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708

[2] https://blogs.technet.microsoft.com/msrc/2019/05/14/prevent-a-worm-by-updating-remote-desktop-services-cve-2019-0708/

[3] https://support.microsoft.com/en-us/help/4500705/customer-guidance-for-cve-2019-0708

Gilbarco electroline service manual. [4] https://krebsonsecurity.com/tag/cve-2019-0708/

At one of our customers we deployed RDS RemoteApp server farm. Customer bought thin clients HP T510. When they connected to RemoteApp using Windows XP and Windows 7 on normal computers there were no problems with RemoteApps. When they connected to RemoteApp using Windows 7 Embedded on thin clients, they had problems with RemoteApp windows. RemoteApp windows were not displayed right. There was one extreme problem: User opened Microsoft Outlook, opened message and pressed Reply. Starte to type, but no characters were displayed. When you clicked on some part of the window all the text appeared. So RDP client sent all key strokes to RDP server, but RDP client didn’t refresh content of the window.

After some investigation I found out that Windows XP and Windows 7 had RDP client version 6.3.9600 (RDP 8.1 supported), but Windows 7 Embedded had only 6.2.9200 (RDP 8.0 supported). I’ve tried to google for some path or some HP image with RDP 8.1 for Windows 7 Embedded. No success. When you look on Remote Desktop Service Blog website, you can even find informaction that there is no RDP 8.1 for Windows Embedded.

Windows Embedded Remote Desktop Client

Webex with microsoft teams. But I found five hotfixes which are required for Windows 7 Emedded to have RDP client version 6.3.9600 (RDP 8.1 supported): Insanity max 30 utorrent.

Windows 10 embedded remote desktop
  • KB2574819-v2-x86
  • KB2592687-x86
  • KB2857650-x86
  • KB2830477-x86
  • KB2913751-x86

When you install all those updates you need to reboot machine and you will have nice RDP client version 6.3.9600 (RDP 8.1 supported):

Setup Remote Desktop Windows 10

That’s all for now,