I imagine the type of people who have RDP publicly exposed are the same type of people who will not be upgrading from Win7 anytime soon.
I suspect we will see many exploits of this to come.
They can release it on the same day as the regular updates, and scan the whole IPv4 address space every hour.
That way, the pool of unpatched machines will be so tiny it isn't worth evil people trying to exploit it.
A quick Shodan query already does what you're thinking.