[vc_row][vc_column][vc_column_text]We’re tracking a potential security breach with TeamViewer software which has been developing over the last several days. The full extent and technical details of the issue are currently unknown as the software developer behind TeamViewer has not acknowledged that a breach has occurred, however many users of the software have reported intrusions, computer “hijacking,” and thefts that seem to implicate that the service has been breached.
TeamViewer is included in our RMM suite from LogicNow as a rebranded product called Take Control, and is deployed on the majority of the computers and servers we manage. In addition, our engineers use a “Take Control Viewer” on their computers to view the screens of hosts, but the Viewer does not have “host capability,” and therefore should not be vulnerable.
Thus far, TeamViewer’s response to the concerns has blamed the issue on weak passwords chosen by end-users, and they have acknowledged no breach of security in their own systems. We have worked closely with our RMM provider to gauge the risk inherent in the RMM version of TeamViewer, and have received assurance from LogicNow that this version is not vulnerable to the password problem.
However, news reports indicate that the problem is real, widespread, and may not be limited to TeamViewer accounts with weak passwords. Some clients have reached out to us to express concern about the issue and ask advice. Because so little is known about the cause or method of the reported hijackings, we are taking several actions out of an abundance of caution.
We’ve sent a notice to clients describing the problem, informed them of our decision to discontinue use of the TeamViewer platform and to accelerate our migration to a new platform, advised clients to remove any personal copies of TeamViewer, and offered to answer any questions about our decision.
Next, we will update the RMM policy for all managed computers to disable and remove the Take Control host. Once we have removed Take Control from all managed computers, we will review the installed software on all remaining computers to locate any which need special attention and flag the affected clients for followup communication.
While our systems have been deemed safe based on all that’s currently known about the issue, we are removing the software out of an abundance of caution, and strongly recommend the removal of client-owned copies as well.
Please let me know if you have any questions or concerns. Thank you.
Director of Technology
Technical Support: 615.324.8888[/vc_column_text][/vc_column][/vc_row][vc_row][vc_column][wproto_image image=”10951″ image_size=”500×91″ link_type=”custom” custom_link=”http://concepttechnologyinc.com/malwareprotection/” image_align=”aligncenter”][/vc_column][/vc_row]