PcAnywhere code stolen, Symantec warns of exploits

By on
PcAnywhere code stolen, Symantec warns of exploits

Company recommends to stop using its product pending fixes.

Symantec is advising users of its pcAnywhere remote access product to disable the software if they don't absolutely need it.

Warnings come amid confirmation by the security giant that hackers stole a portion of the company's source code dating back to 2006.

The code related to the 2006 versions of Norton Antivirus Corporate Edition, Norton Internet Security, Norton SystemWorks and pcAnywhere.

The code is old enough, however, that users of the Norton products do not face any increased threat of attack, the note said.

However, pcAnywhere customers do face elevated risk, which contradicts earlier statements from the company that its products were not vulnerable due to the theft and that its own network was not breached.

"Our current analysis shows that all pcAnywhere 12.0, 12.1 and 12.5 customers are at increased risk, as well as customers using prior versions of the product," Symantec said on its website.

"pcAnywhere is also bundled with numerous Symantec products. The full standalone product is bundled in a number of Altiris-based solutions."

Altiris products perform IT management functions.

A white paper released Wednesday recommended that pcAnywhere users stop using the software until permanent patches are available, unless they require it for mission-critical operations.

"Malicious users with access to the source code have an increased ability to identify vulnerabilities and build new exploits," the paper said.

"Additionally, customers that are not following general security best practices are susceptible to man-in-the-middle attacks which can reveal authentication and session information...At this time, Symantec recommends disabling the product until Symantec releases a final set of software updates that resolve currently known vulnerability risks."

In a Wednesday security advisory, Symantec disclosed two vulnerabilities, one related "high" in severity, that impact pcAnywhere.

The flaws can be exploited to elevate privileges or execute remote code, and Symantec has made available a hotfix.

In addition, the company issued recommendations for organisations that require the use of remote access software, such as pcAnywhere. They include setting corporate firewalls to bar inbound or outbound traffic not using VPN tunnels, and creating password-strength policies.

This article originally appeared at scmagazineus.com

Copyright © SC Magazine, US edition
Tags:

Most Read Articles

You must be a registered member of iTnews to post a comment.
| Register

Poll

New Windows 10 users, are you upgrading from...
Windows 8
Windows 7
Windows XP
Another operating system
Windows Vista
How should the costs of Australia's piracy scheme be split?
Rights holders should foot the whole bill
50/50
ISPs should foot the whole bill
Government should chip in a bit
Other
View poll archive

Whitepapers from our sponsors

What will the stadium of the future look like?
What will the stadium of the future look like?
New technology adoption is pushing enterprise networks to breaking point
New technology adoption is pushing enterprise networks to breaking point
Gartner names IBM a 'Leader' for Disaster Recovery as a Service
Gartner names IBM a 'Leader' for Disaster Recovery as a Service
The next era of business continuity: Are you ready for an always-on world?
The next era of business continuity: Are you ready for an always-on world?

Log In

Username:
Password:
|  Forgot your password?