FAQ

POODLE and LogMeIn: What You Need to Know

Issue

Objective

Environment

Procedure

Answer


The security community recently identified a new vulnerability in the SSLv3 protocol, known as POODLE (Padding Oracle On Downgraded Legacy Encryption).

Are LogMeIn Products vulnerable?

The latest versions of LogMeIn products and services are not impacted by POODLE. Since the vast majority of our customers receive auto-updates, most users can rest assured that they are protected against such attacks. We’ve included the latest version numbers below and have provided information to help you check your version and update if required.

How about your browser?

Unless you are using Internet Explorer 6 (IE 6) with Windows XP Pre Service Pack 3, you’re in good shape.
Important: If you still have IE 6 installed on your computer, please update to Internet Explorer 7 or higher even if you are not using it as your primary browser.
Tip: Use this third-party service to check your browser for vulnerability: https://www.poodletest.com/
If IE 6 remains on your computer, keep in mind that IE 6 is NOT SUPPORTED and you will experience problems: 
  • From any LogMeIn website, you will receive the following message:  “Internet Explorer cannot display the webpage”
  • When attempting to use the LogMeIn Client, you will be unable to login or connect

Latest LogMeIn product versions

The latest versions of LogMeIn products are NOT affected by the POODLE vulnerability. Here is a list of the latest versions, as well as instructions on how to quickly determine which version you are running and how to manually upgrade, if necessary.
  • LogMeIn Pro (host software) Windows v4.1.0.4408 and above; Mac v4.1.0.4405 and above; LogMeIn Client version 1.3.422  – How to check
  • Rescue Technician Console, Calling Card 7.4 or newer
    • How to check: Technician Console Options > About LogMeIn Rescue; Calling Card Settings > About
  • Cubby 1.0.0.12648 – How to check
  • join.me 1.17.0.156 – How to check
  • RemotelyAnywhere Release 11.3.2821 Latest available here
  • AppGuru -- Not impacted by POODLE due to LogMeIn webserver updates
  • Zamurai  Not impacted by POODLE
  • Xively – Not impacted by POODLE due to LogMeIn webserver updates
  • Hamachi – Not impacted by POODLE
  • Backup – How to check  
  • Meldium Not impacted by POODLE
  • BoldChat  Not impacted due to webserver updates; for details, see POODLE and BoldChat

Cause

Resolution

Additional Information