The Heartbleed exploit hit OpenSSL hard, and consequently all services that depend on it for encryption are at risk. The popular LogMeIn remote desktop service is one of those affected, leaving companies and individuals using the service exposed.
The folks at LogMeIn have just patched their host software to eliminate the vulnerability. Those using LogMeIn to access remote desktops now must do their part to close the exposure to Heartbleed completely.
According to LogMeIn, users of their service need to update all host software on every platform they use. This can be done by following the following instructions by the company.
- Check to confirm you're running the latest version of LogMeIn. You can do that by hovering your mouse over computers in your Central or My Computers page on the LogMeIn.com site, or by right clicking on the LogMeIn icon in your systems tray and opening LogMeIn Control Panel and click on the About tab.
- Confirm version number 220.127.116.1144 and above for Windows or version number 18.104.22.16845 and above for Mac.
- If you are using an older version, please click the Check Updates button in the LogMeIn Control Panel (as described above), and update the software.
- Change your Windows PCs or Macs passwords – This is for your computer login credentials only. You do not have to change your LogMeIn account login.
- Take a minute to review our FAQ on the LogMeIn help site.
This fix should not be delayed as your remote systems are exposed to hackers until the exposure is eliminated. LogMeIn has done its part in getting rid of the vulnerability, now you'd better do your part outlined in the instructions above to protect your own system.