Get Even More Visitors To Your Blog, Upgrade To A Business Listing >>

TeamViewer hacked: Here’s how to protect your systems

TeamViewer hacked

After reports of a serious bug, the developers behind the popular remote desktop management software TeamViewer has released an important Patch to seal this vulnerability. Since Teamviewer allows users to share what’s displayed on their desktops with anyone in the world (and more importantly, grant someone else access to their computer), vulnerabilities in TeamViewer can be fairly serious. This specific TeamViewer vulnerability provides the presenter with an opportunity to overtake the viewer’s system, and vice versa.

If your enterprise uses TeamViewer, we strongly recommend updating to the latest version of TeamViewer to prevent this exploit from being used in your network. 

Understanding the TeamViewer hack

TeamViewer uses Microsoft’s Remote Desktop Protocol (RDP), allowing the presenter and viewer to share screens using a secret authentication code. Fortunately, this vulnerability can only be exploited if the authentication code is shared and both screens are connected.

Gellin, a GitHub user, originally reported this vulnerability by publishing a proof of concept code that contains an injectable C++ DLL file. This code exploits naked inline hooking and memory alterations to change TeamViewer permissions. According to Gellin’s report, this exploit can be used by both the host and the client.

If the exploit is performed from the server side, the “switch sides” feature can be enabled, allowing the server to initiate a change of control on the client. If the same maneuver is executed on the client’s side, it will allow them to take control of the server’s keyboard and mouse, without any consideration for the server’s settings and permissions. 

TeamViewer hack remedies

TeamViewer has already released patches for Windows, Mac, and Linux, which you can download to manually update TeamViewer on each of your individual systems. Alternatively, you can use our patch Management Solution, Patch Manager Plus, to patch up to 25 computers for free.

Already using Patch Manager Plus in your network? Navigate to Supported Patches under the Deployment tab, and search for the bulletins below.  

Bulletin information for Windows and Mac

For Windows:

Bulletin ID: TU-057

Patch ID: 306780

Version: TeamViewer 13 (13.0.5640)

For Mac:

Bulletin ID: MAC-043

Patch ID: 601352

Version: TeamViewer 13 (13.0.5640)

As last month’s Microsoft Office Equation Editor vulnerability shows, hackers can exploit software vulnerabilities faster than you might think. Don’t leave your enterprise vulnerable by waiting to patch TeamViewer. If you’re still wondering how a patch management solution can make a difference in your enterprise, we recommend reading this article and checking out our online demo.

This post first appeared on Network Monitoring & Management Software-OpManager, please read the originial post: here

Share the post

TeamViewer hacked: Here’s how to protect your systems


Subscribe to Network Monitoring & Management Software-opmanager

Get updates delivered right to your inbox!

Thank you for your subscription