Re: A question to hackers or security people
"Full control" means administrator-level access, so, yes, they could launch an RDP session if they wanted to. I recall the old Back Orifice party trick... you could remotely eject the CD tray, great for awareness raising, not much use for a criminal.
Typically, an attacker would try to be unobtrusive, and would install something to further their ultimate purpose. If the attack can be automated, then it will be used in drive-by attacks to install botnet software for later sale as DoS or spamming zombies; if the attack is more involved, then maybe used in targeted attacks on high-value victims for installing keyloggers; or capturing webcam images for extortion; the possibilities are endless.