Security Issue Fix for Microsoft Remote Desktop??

R

Rob1QV

Dear Tech People -


I am hoping that this forum can help me with a remote desktop security question. I love Microsoft remote desktop, and have used it for years. I run Windows 7 Pro on my main (host) computer, and have a Gateway Netbook running Windows 7 as my home laptop.


Now, I use the connection A LOT - as in, hours every day, not just quick fixes etc. Consistent, clear, user-friendly and non-laggy remote access is a MUST. Here is my problem: I would happily keep on using Microsoft RD except that I have recently been hacked, where I logged in and could see that someone had been logged in before me and getting all my passwords, etc. and trying to change my passwords to certain accounts and drain my accounts. I need it more secure than it is. My IT guy told me that Microsoft Remote Desktop is terrible for security and I should stop using it, because it has a known security vulnerability requiring "leaving a port open" in a firewall, which hackers hunt for and then blast with a password guesser machine until they break in. According to IT guy, I am especially vulnerable now that I have already been hacked, and the next one will be ransomware, etc. So, IT guy closed the open port, and he recommends I use LogMeIn or Teamviewer. I have tried both of these and the user experience absolutely stinks compared to my beloved Micorsoft RD. Now I am hunting for a new replacement (currently looking a RemotePC, Anydesk, and Chrome Remote Desktop). But I thought that Microsoft would surely have some fix for this issue.


Is it true that there is no way to connect using Microsoft RD without an "open port"? My IT guy told me that the reason the other systems were preferable to Microsoft RD is because you can set those systems to ID "safe devices" from which you connect, or to send an authentication code by text to verify every connection. He said Microsoft RD does not have those features, so anyone who guesses your password and gets in via the "open port", gets full access to your computer. I tried calling Microsoft tech support, which was an absolute joke. One Indian-accented scripted response after another that ended more than once with someone giving me a new number to call, so that I could call and get more scripted responses. I knew I was in trouble when I told my hacking story to the 5th support person I'd spoken to and she told me "No, there is no security fix for that, but don't worry, when we get a security fix and update it we will alert you". Don't worry? After I just told you I got hacked through your software and my bank accounts were compromised? I was underwhelmed with the phone options for Microsoft tech support, and I hope that this forum is a more useful guide for solving my problem. Please help if you are able. Thanks!

Continue reading...
 
Back
Top Bottom