Jesus Christ this issue did my head in. Was struggling the entire WEEK trying to figure out why RDP was throwing "internal error" messages and why connections would logon then log off.
We have 2 virtual servers that clients RDP into. One was working fine and the other (of course, our main one which uses different ports) crapped out on Tuesday (which I see now is when the definitions got added/updated).
What a nightmare.
Does this rule only relate to RDP requests using different ports than 3389? I'm concerned about whitelisting this rule for our server that uses different ports and thereby lowering the additional security (if any) this rule might provide.