A security vulnerability in a component of the Windows version of the TeamViewer client puts PCs at risk. Attackers can delete Windows files via TeamViewer vulnerability. The developers assure that the security update will install automatically.

Operating system at risk

Based on the according warning message, the TeamViewer Patch & Asset Management component is vulnerable (CVE-2024-12363 high). However, the component is not installed by default. It can be optionally installed in the context of the remote management feature. If this is not used, PCs are not vulnerable.

The developers say they have fixed the component in version 24.12. This security patch should install automatically, so users do not have to do anything.

Before this version, local attackers could exploit the vulnerability and delete arbitrary files under Windows. How this happens in detail and whether there have already been attacks is not yet known.