Terminal Services Security

5/10/2007

The Terminal Services macro component and Terminal Server Client component add both client and server functionality to your run-time image. Also, depending on your hardware, if you run Target Analyzer, it can detect and automatically include the Terminal Server Device Redirector, Terminal Server Mouse Driver, or Terminal Server Keyboard Driver components. Each of these brings in the Terminal Services macro component. This component then adds the Terminal Server Remote Desktop component. While the Terminal Server Remote Desktop component is not a security risk, it can introduce port or other vulnerabilities that a hacker can exploit if it is not set up properly.

If your device does not need to accept incoming connections, you should remove the Terminal Server Remote Desktop component after you run a dependency check on your run-time image.

If your device requires Terminal Server functionality, be aware that the component default is set to automatically allow server connections, but only the Administrator group has access.

See Also

Tasks

Adding an Administrator Account

Concepts

How to Configure Terminal Services

Other Resources

Terminal Services Configuration
Add Security Features to a Run-Time Image