After last months batch of Windows updates, no one can RDP into their machines.
Doing a bunch of testing turns up that you can't connect to ANY of the ports on the machine. Stopping the 'Base Filtering Engine' immediately makes the box perform like a 'normal' Windows workstation.
It also doesn't appear to be any of the services dependent on BFE either--I tried stopping those one-by-one and it didn't fix the issue.
I tried stopping the Windows Firewall Service, and that didn't fix it. I stopped their eTrust antivirus too.
Whenever the BFE service is running, you can't connect to anything on the machine. Any pointers? Google returns a ton of problems with BFE failing to start, but nothing that I can find about it denying all inbound traffic. This happens on both Windows 7 and Windows Vista boxes.
Sorry--forgot to post my answer after MS got back to me.
Microsoft said to run: Secedit /configure /cfg c:\Windows\inf\defltbase.inf /db defltbase.sdb /verbose
I'm not familiar with the secedit tool, so run it at your own risk, but apparently this clears out the firewall rules and then re-applies them from group policy on the next reboot.