Re: .NET 4.0.30319
"thus a VPN connection can be hacked/initiated/abused with a brute force hack (often)"
If you can brute-force your VPN solution, it hasn't been configured correctly. IPsec VPN's require a shared secret/client certificate to proceed to the authorisation step and SSLVPN's can be configured with similar client certificate checks or some other pre-authorisation check to ensure brute forcing requires the pre-authorisation to be brute forced before attempting username/password attacks.
"I might not make myself popular with my statements, but I trust Microsoft more to mitigate these flaws than I do Cisco (at the ASA level)."
Assuming you patch both Microsoft and Cisco solutions, the Cisco solution allows you to adopt a higher level of security than is possible with Microsoft RDP solutions. If you are comparing a patched Microsoft solution with an unpatched Cisco solution you may have a point, but I suspect you might be missing the point of having infrastructure that you can support and maintain in order to ensure it is secure.