The Raritan Blog

Yet Another Security Issue with Remote Access Software

Richard Dominach
March 16, 2012

Recent articles in InfoWorld, “Microsoft urges firms to focus on severe RDP flaw,” and PCWorld, “Microsoft issues Urgent Patch for ‘Wormable’ RDP Vulnerability,” (1) illustrate the potential dangers of software-based remote access tools. The vulnerability, cited as “dangerous,” “very serious” and “critical,” affects the Remote Desktop Protocol, which is widely used throughout the IT industry for remote access. Other software-based remote access systems include VNC, pcAnywhere, and many others.

Software-based remote access is widespread. The InfoWorld article mentions that “There could be as many as 250 million systems with an open RDP port” and “An estimated 140,000 computers running pcAnywhere could be directly contacted from the Internet.” In my previous blog, focused on the dangers of poorly configured remote access systems, I cite another article that estimates 83 million open VNC ports.

Users of remote access software should closely follow the security best practices recommended by the applicable vendor and their security organization, and should apply security patches immediately as they become available. Users should not be complacent about the use of these tools, and should carefully and thoughtfully consider the benefits and risks, applying the proper safeguards to harden and monitor their environments.

Users should also consider the benefits of hardware-based remote access, such as KVM-over-IP switches, which provide “out-of-band” access that does not rely on “software” running on the remote server. Out-of-band access can be more secure, provide access even when the server’s OS or network is not working, and provide a wider range of use cases, including BIOS-level access and remote booting. A higher level of manageability can be achieved through centralized permissions, authentication, and logging. And as the KVM switch does not rely on software running on the remote servers, there is never a need to patch hundreds or thousands of servers.

With 24x7 reliability required for today’s IT infrastructure, remote access is an absolute necessity. These recent articles illustrate the dangers of software-based approaches and the need to seriously examine your remote access users to implement a secure, productive, and manageable remote access solution.

(1) https://www.pcworld.com/businesscenter/article/251760/microsoft_issues_urgent_patch_for_wormable_rdp_vulnerability.html

