Remote Desktop Services UserMode Port Redirector (UmRdpService)ID: oval:org.secpod.oval:def:80614 | Date: (C)2022-06-02 (M)2023-12-13 |
Class: COMPLIANCE | Family: windows |
Allows the redirection of Printers/Drives/Ports for RDP connections.
In a security-sensitive environment, it is desirable to reduce the possible attack surface -
preventing the redirection of COM, LPT and PnP ports will reduce the number of
unexpected avenues for data exfiltration and/or malicious code transfer within an RDP
session
Default: Manual.
Counter Measure:
The recommended state for this setting is Disabled.
Potential Impact:
Printers, drives and ports (COM, LPT, PnP, etc.) will not be allowed to be redirected inside RDP sessions.
Fix:
(1) GPO: Computer Configuration\Windows Settings\Security Settings\System Services\Remote Desktop Services UserMode Port Redirector
(2) REG: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\UmRdpService!Start
Platform: |
Microsoft Windows 10 |