Do you have remote support software TeamViewer installed on your desktop?
If yes, then you should pay attention to a critical vulnerability discovered from the software of which could allow users sharing a desktop session to gain complete control of the additional’s PC without permission.
TeamViewer is actually a well-known remote-support software of which lets you securely share your desktop or take full control of additional’s PC over the Internet by anywhere from the globe.
For a remote session to work both computers—the client (presenter) in addition to also the server (viewer)—must possess the software installed, in addition to also the client has to share a secret authentication code with the person he wants to share his desktop.
However, a GitHub user named “Gellin” has disclosed a vulnerability in TeamViewer of which could allow the client (sharing its desktop session) to gain control of the viewer’s computer without permission.
TeamViewer Hack Could Be Used By Anyone—Server Or Client
Gellin has also published a proof-of-concept (PoC) code, which is actually an injectable C++ DLL, which leverages “naked inline hooking in addition to also direct memory modification to change TeamViewer permissions.”
The injectable C++ DLL (hack) can be used by both, the client in addition to also the server, which results as mentioned below:
If exploited by the Server—the hack allows viewers to enable “switch sides” feature, which is actually only active after the server authenticated control with the client, eventually allowing the server to initiate a change of control/sides.
If exploited by the Client—the hack allows the client to take control of the mouse in addition to also keyboard of the server “with disregard to servers current control settings in addition to also permissions.”
This specific vulnerability impacts TeamViewer versions running on Windows, macOS as well as Linux machines.
A Reddit user “xpl0yt,” who first publicized This specific vulnerability, claimed to have been in contact with the TeamViewer security team, who confirmed him the existence of the vulnerability in its software in addition to also scheduled a patch.
TeamViewer users are recommended to install the patched versions of the software as soon as they become available. Patches will be delivered automatically to those users who have configured their TeamViewer software to receive automatic updates.