POODLE and LogMeIn: What You Need to Know
The security community recently identified a new vulnerability in the SSLv3 protocol, known as POODLE (Padding Oracle On Downgraded Legacy Encryption).
Are LogMeIn Products vulnerable?
The latest versions of LogMeIn products and services are not impacted by POODLE. Since the vast majority of our customers receive auto-updates, most users can rest assured that they are protected against such attacks. We've included the latest version numbers below and have provided information to help you check your version and update if required.
How about your browser?
Unless you are using Internet Explorer 6 (IE 6) with Windows XP Pre Service Pack 3, you're in good shape.
If IE 6 remains on your computer, keep in mind that IE 6 is NOT SUPPORTED and you will experience problems:
- From any LogMeIn website, you will receive the following message: "Internet Explorer cannot display the webpage"
- When attempting to use the LogMeIn Client, you will be unable to login or connect
Latest LogMeIn product versions
The latest versions of LogMeIn products are NOT affected by the POODLE vulnerability. Here is a list of the latest versions, as well as instructions on how to quickly determine which version you are running and how to manually upgrade, if necessary.
- LogMeIn Pro (host software) Windows v188.8.131.5208 and above; Mac v184.108.40.20605 and above; LogMeIn Client version 1.3.422 - How to check
- See Release Notes for other current versions
- Rescue Technician Console, Calling Card 7.4 or newer
- How to check: Technician Console ; Calling Card
- join.me 220.127.116.11 - How to check
- RemotelyAnywhere Release 11.3.2821 Latest available here
- AppGuru -- Not impacted by POODLE due to LogMeIn webserver updates
- Zamurai Not impacted by POODLE
- Xively - Not impacted by POODLE due to LogMeIn webserver updates
- Hamachi - Not impacted by POODLE
- BoldChat - Not impacted due to webserver updates; for details, see POODLE and BoldChat