Press release 09/10/2016

Press contact

Press & media representative

Axel Schmidt

Phone: +49 (0) 7161 60692 395
E-Mail: press (at) teamviewer.com

Statement on Local Credentials Disclosure TeamViewer Exploit

 

Göppingen/Germany, September 10, 2016. Security researchers recently identified a potential exploit of TeamViewer Version 11.0.65452 (64 bit). The available research states that the aforementioned TeamViewer version is “vulnerable to local credentials disclosure” as the User ID and password are stored in plaintext format on the local machine. The described procedure is a commonly applied practice in the software industry, and does not constitute a significant vulnerability. Additionally, TeamViewer stresses that users can easily protect themselves against this vulnerability by using the software’s default set of security features.

The facts of the case are as follows:

  1. In order for that exploit to be applied, the system needs to be compromised by malware first. Therefore, the real issue is not a TeamViewer vulnerability but the lurking threat of malware, which can come in countless shapes. So users need to make sure that their systems are adequately protected against malware.
  2. The described exploit concerns only the randomly set passwords and IDs of the TeamViewer client on the local machine. However, users can effectively protect their devices against that by setting individual passwords and enabling whitelisting. All manually set passwords are encrypted.
  3. For spontaneous, attended support, TeamViewer temporarily stores a random password unencrypted in the local machine memory (RAM). This is done as the credentials are displayed in the client. In a typical remote access scenario, the credentials need to be displayed at some point so the user can supply them to the supporter. Therefore, the outlined practice does not represent a significant vulnerability. Furthermore, users can take steps to provide for additional security. See point 2.
  4. It needs to be stressed that when a system is compromised, cyber criminals can easily install key loggers and other types of malware on that particular device, so that they can virtually do anything with that system. This – once more – underscores the need for proper malware protection.


Additionally, TeamViewer strongly recommends:

  • Users should always keep their software updated, and be certain that patches are installed.
  • Users should avoid all affiliate or adware bundles: While users may think they are just downloading a harmless program, the software could in fact install something else. In many cases, this may just be an irksome browser extension; however, it may also turn out to be malware that can cause extensive damage.
  • Users ought to download TeamViewer only through the official TeamViewer channels.
  • Users should make sure to have reliable anti-malware and security solutions in place.

The TeamViewer support team is happy to assist with any technical issues or queries at: https://www.teamviewer.com/en/support/contact/submit-a-ticket/

TeamViewer recommends that users who have been the victim of criminal activities get in touch with their local police departments, in order to report their case. This is particularly important because TeamViewer is subject to very strict data protection and privacy regulations, and can release sensitive data only to authorized individuals and authorities.

 

About TeamViewer

Founded in 2005, TeamViewer is fully focused on the development and distribution of high-end solutions for online communication, collaboration and remote monitoring of IT systems. Available in over 30 languages and with more than 200 million users worldwide, TeamViewer is one of the world’s most popular providers of remote control and online meeting software. airbackup, a powerful cloud-based backup solution, and ITbrain, a valuable remote monitoring, anti-malware and IT asset tracking solution, complement TeamViewer’s product portfolio.

For more information, visit: www.teamviewer.com
Follow us on Twitter at @TeamViewer and on our blog at blog.teamviewer.com.

TeamViewer GmbH
Jahnstr. 30
73037 Göppingen