Can a virus spread through a network share used by an RDP connection?

There's no automated mechanism where a virus would spread through the shared local drives. Unless you count users as Automated Tools of Destruction™ (which I would not underestimate).

We block such access for a couple reasons:

  • Users have a nasty habit of exploiting any superfluous features we allow for their personal enjoyment (and/or accidentally), usually leading to me cleaning up some sort of mess (like that 90+GB of home pictures someone accidentally copied). It doesn't have to be a virus to bring the server to it's knees.
  • We can worry less about what the users are copying off our network. You might not be in the same position we are, but we have financial and personal data laying around everywhere. Most users have access to it. We want to limit their copying of that data to external places to mechanism that are logged and generally easy to trace.
  • There's basically no use case for that access in the first place. We already have a file transfer website, easier and more reliable than copying files in a RDP session. I've only ever had one user ask about transferring files, and one other user ask about printing (which is also disabled by policy).

YES, INDEED.

Allowing disks to be mapped through a RDP connection is almost as insecure as letting someone go to your server and plug a unknown USB stick in it. There is no extra layer of security here. Users would of course have to open up the dangerous files, like any other virus infection.

The options are simple:

  • Don't allow disk mappings (use sharepoint in combination with UAG or similar instead)

or

  • Secure your server(s) (with antivirus, anti-spyware etc, wich you should do anyways)

Firewalls doesnt help anything, as the RDP session is already encrypted.