“Some Chinese thin clients require intstallation of a 3rd party program called “RDP Wrapper” into your computer’s operating system. Is RDP Wrapper safe?”
In the last few months, an increasing number of customers have inquired about RDP Wrapper to address their remote desktop solution needs in Microsoft Windows operating systems. After studying the materials available, there is a need to explain some points and help our customers to make an objective decision. In this blog post, I will focus on two areas: legality and security.
Is RDP Wrapper legal?
Without ambiguity, RDP Wrapper is not legal. It violates the End User License Agreement (EULA) of the Microsoft Windows desktop operating systems. The EULA states:
- License. The software is licensed, not sold. Under this agreement, we grant you the right to install and run one instance of the software on your device (the licensed device), for use by one person at a time, so long as you comply with all the terms of this agreement. Updating or upgrading from non-genuine software with software from Microsoft or authorized sources does not make your original version or the updated/upgraded version genuine. In that situation, you do not have a license to use the software.
- Device. In this agreement, “device” means a hardware system (whether physical or virtual) with an internal storage device capable of running the software. A hardware partition or blade is considered to be a device.
- Restrictions. The manufacturer or installer and Microsoft reserve all rights (such as rights under intellectual property laws) not expressly granted in this agreement. For example, this license does not give you any right to, and you may not:
- use or virtualize features of the software separately.
- publish, copy (other than the permitted backup copy), rent, lease, or lend the software.
- transfer the software (except as permitted by this agreement);
- work around any technical restrictions or limitations in the software.
- use the software as server software, for commercial hosting, make the software available for simultaneous use by multiple users over a network, install the software on a server and allow users to access it remotely, or install the software on a device for use only by remote users;
- reverse engineer, decompile, or disassemble the software, or attempt to do so, except and only to the extent that the foregoing restriction is permitted by applicable law or by licensing terms governing the use of open-source components that may be included with the software; and
- when using Internet-based features you may not use those features in any way that could interfere with anyone else’s use of them, or to try to gain access to or use any service, data, account, or network, in an unauthorized manner.
Using the RDP Wrapper to work around defined restrictions defined violates the EULA. The legal way to connect multiple users to a Windows operating system is using a server version of Microsoft Windows with appropriate Client Access Licenses (CALs) and Remote Desktop Services Client Access Licenses (RDS CALs). Customers are advised to adhere to the Microsoft Windows Server license agreement and purchase the necessary CALs and RDS CALs for their remote desktop deployments. The Remote Desktop Services, available in server versions of Microsoft Windows operating systems, make the RDP Wrapper redundant.
Is RDP Wrapper secure and safe? “NO”
Is RDP Wrapper introducing security vulnerabilities? The answer to this question is a resounding “YES.” RDP Wrapper adds a weakness to the system. It opens a gateway for potential hackers to attack and introduce trojan horse software to steal and take control over a user’s data. With a quick Google search for RDP Wrapper, one can find many entries regarding issues like “Windows security update breaks RDP Wrapper”. The solution proposed to fix this issue is rolling-back the latest Windows security updates, which leaves the affected Windows system vulnerable against known security weaknesses. Others suggest disabling Windows Update entirely, so future Windows security updates cannot disrupt RDP Wrapper. No imagination is needed to foresee the catastrophe, which disabling the Windows security updates can cause. ServHelper is an example of malware that focuses on setting up reverse SSH tunnels to allow the threat actor to access the infected host via RDP. Once ServHelper established remote desktop access, the malware adds functionality for the threat actor to hijack legitimate user accounts or web browser profiles. RDP Wrapper, which is illegal to use and leaves Windows OS in a more vulnerable state, is an invitation for threat actors to attack. Also, there are many virus warnings related to RDP Wrapper. Potentially, RDP Wrapper can be removed by the AVG and Norton Antivirus software. This is the big red flashing “Do Not Use” sign for all users with security concerns.
Customers looking for remote desktop solutions should avoid RDP Wrapper. Violation of Microsoft EULA and opening security vulnerabilities is never wise.