Addressing AnyDesk’s security incident

Options
adip
adip Administrator Posts: 61 admin

AnyDesk has recently reported a security incident, leading to potential vulnerabilities in its remote desktop access solutions. You can find the details of it here: https://anydesk.com/en/public-statement


As a security precaution, AnyDesk recommends changing all AnyDesk-related passwords. The certificate for older versions of the client will be blocked.


Please note: our Splashtop integration works as usual, providing an alternative method.

If you have any further questions, don’t hesitate to contact our support team at support@atera.com or via our live chat.

Thank you for your vigilance and cooperation!

Tagged:

Comments

  • gert.verhoeven
    gert.verhoeven Member Posts: 23
    Options

    Hi Adi,

    Thanks for the information.

    Atera is installing a custom client for AnyDesk with version number 7.0.14

    AnyDesk recommends upgrading to version 8.0.8
    When can we expect to see an upgraded custom client in Atera?

  • lauri.kinnunen
    lauri.kinnunen Member Posts: 17 ✭✭✭
    Options

    @Adi Pick what does mean "he certificate for older versions of the client will be blocked." like @gert.verhoeven said Atera is installing a custom client for AnyDesk with version number 7.0.14.

    It seems that i am still able to connect to devices using anydesk.

    In theory atera accounts towards Anydesk could be breached, could our customers be in risk?

  • lauri.kinnunen
    lauri.kinnunen Member Posts: 17 ✭✭✭
    Options

    Well based on Anydesk we should be good. https://anydesk.com/en/public-statement

  • gert.verhoeven
    gert.verhoeven Member Posts: 23
    edited February 5
    Options

    @lauri.kinnunen I created a script to stop and disable the AnyDesk service on all our agents. I will only enable the service again when the new version has been installed.

    AnyDesk will revoke the old certificate, and then we won't be able to use the old version anyway. The new certificate has been included in version 8.0.8.

    What I read on Reddit is that the latest version for the AnyDesk custom client was still 7.0.14 this morning. So there isn't much Atera can do until AnyDesk releases a new custom client version.

    It looks like everything that AnyDesk has done is precautionary, which is good. However, you can't be safe enough in this kind of situations.

  • lauri.kinnunen
    lauri.kinnunen Member Posts: 17 ✭✭✭
    Options

    @gert.verhoeven Did you share you script to the gallery?
    No harm done being extra cautious

  • gert.verhoeven
    gert.verhoeven Member Posts: 23
    Options

    It's still pending approval, but a very simple script:

    sc stop "AnyDesk-f45e5af2_msi" & sc config "AnyDesk-f45e5af2_msi" start=disabled
    sc stop "AnyDesk-f45e5af2" & sc config "AnyDesk-f45e5af2" start=disabled

  • adip
    adip Administrator Posts: 61 admin
    Options

    Hey all^

    We have some further updates regarding this, will be sharing with you all shortly!

    Thank you for your patience and cooperation!

  • michelle
    michelle Member Posts: 3
    Options

    Any update on when Atera/Anydesk client will be upgraded?

  • salleyne
    salleyne Member Posts: 1
    Options

    Any updates? Also will the custom Anydesk package automatically be deployed to all the agents?

  • [Deleted User]
    [Deleted User] Posts: 0
    Options

    Has Atera abandoned AnyDesk? I don't see any updates regarding efforts to make it available again.

  • cz
    cz Member Posts: 1
    Options

    Splashtop is my preferred remote access tool…but I need anydesk for those times splashtop doesn't work…this happens quite often..

  • [Deleted User]
    [Deleted User] Posts: 0
    edited February 10
    Options

    Five days later. Can you elaborate on what is meant by "shortly"?

  • adip
    adip Administrator Posts: 61 admin
    Options

    Hiii!

    We posted a new discussion and recommended actions the same day I posted this^ comment

    Here is the new thread:

  • tcp
    tcp Member Posts: 2
    Options

    Hi guys — any ETA on AD re-activation?

  • stryqx
    stryqx Member Posts: 1
    Options

    You can't rush them. I asked Support back in August to get the AnyDesk installer updated from 7.0.14 to the latest version to fix the numerous bugs, including security ones. Apparently it wasn't a priority to the product team back then and doesn't appear to be now.

  • computertribe
    computertribe Member Posts: 2
    Options

    Any news?

  • robb1007
    robb1007 Member Posts: 1
    Options

    Please give us another alternative since splashtop does not work a hundred percent of the time.

  • eds
    eds Member Posts: 1
    Options

    Hi, is there any movement on restoring Anydesk?

  • adip
    adip Administrator Posts: 61 admin
    edited February 29
    Options

    We want to update you on our progress regarding the AnyDesk custom client within Atera. Right now, we’re using the most updated version of AnyDesk’s custom client, which is version 7.0.14. So far, AnyDesk has not released a newer version for the custom client beyond this.

    Your data security and privacy are our top priority, and therefore we don’t want to release a version that is not ironclad and 100% safe and secure. While we took all the necessary steps in preparation for the update on Atera’s side, AnyDesk may not release a newer version of the custom client — but the same version with an updated certificate, which should suffice for re-enabling AnyDesk through our platform. From here on, we ask for your patience just a little longer while we remain in touch with the AnyDesk team.

    I can assure you that it's our top priority to re-enable Anydesk, but not at the cost of putting our customers at risk. Unfortunately, we are relying 100% on Anydesk at the moment to provide the fix.

    As soon as we have any new update, I will let you know!

    Rest assured that once we get the go-ahead from AnyDesk, we’ll promptly post here in the Atera Community to let you know.

  • computertribe
    computertribe Member Posts: 2
    Options

    TeamViewer? 😝

  • bmcnerney
    bmcnerney Member Posts: 1
    Options

    is there any update on this year? Killing accessing linux systems and causing delays in getting things resolved. Says to use splashtop when trying but thats no an option with linux machines. There should be a resolution by now.

  • Sarah_from_Atera
    Sarah_from_Atera Administrator Posts: 93 admin
    Options

    Hi @bmcnerney , Sarah from Atera here.

    Please check out the most recent post regarding Anydesk here to make sure you have the correct information.