GoToAssist Agent Vulnerabilities

Hi GlennD,

We're trying to tackle a ton of OpenSSL vulnerabilities and GTA is one of our biggest hitters. Do you know if this has been patched to v3.0.14?

Thanks

Great - thank you Glenn! 

Hi DaveK153, welcome to the community.

The current status is GTA v5 is using v3.0.13 of OpenSSL and our team will be updating to v3.0.14 as soon as possible after it is released. It appears OpenSSL sees this as a low severity https://www.openssl.org/news/secadv/20240408.txt 

Has this issue been resolved yet in terms of release of new client with updated OpenSSL?? We are getting OpenSSL vulnerabilities scores in MS Defender and they all seem to be related to the unassisted client.

Thank you for the good news. I will wait it.

Hi IBUS, welcome to the community.

I can confirm that we have an update to GoToAssist Remote Support v5 coming that will update the version of OpenSSL being used (final release date still to be confirmed). 

With GoToAssist Remote Support v4 I am waiting for some final details, but my understanding is that because we accepts TLS v1-2 on the server side this is not a concern.

There is no LogMeIn folder under my AppData\Local\Programs

Interesting.  I wonder why the difference in installation and file location between Win 10 (Pro in my case) vs. your Win 11???  Do you have anything under: AppData\Local\Programs\LogMeIn\GoToAssist Agent Desktop Console

I downloaded 64-bit version (G2AAgentDesktopConsole-x64.msi) and installed, then files are extracted under　C:\Program Files\GoTo\GoToAssist Agent Desktop Console. Our OS is Win11.