Symantec advises disabling pcAnywhere software

Symantec's pcAnywhere Symantec has released advice for businesses that rely on its pcAnywhere software

Related Stories

Security firm Symantec has warned customers to stop using its pcAnywhere software.

The company confirmed that "old" source code stolen by a hacking group had exposed vulnerabilities in the remote access program.

An advisory note on Symantec's website explained how to minimise risks for customers who used pcAnywhere for "business-critical purposes".

Other software from the company is not at a heightened risk, Symantec said.

In its website note, the company said it recommended "disabling the product until Symantec releases a final set of software updates that resolve currently known vulnerability risks".

'Man in the middle'

"Malicious users with access to the source code have an increased ability to identify vulnerabilities and build new exploits," it added.

It said the vulnerability left pcAnywhere users exposed to "man in the middle" attacks - a security hole which puts data at risk of being intercepted.

An attacker could potentially gain remote control of a company's network and access sensitive information.

A Symantec spokesman said that fewer than 50,000 people used the standalone version of pcAnywhere - although the software was also bundled as part of other security packages.

It suggested that corporate customers who used pcAnywhere for business-critical activity should "understand the current risks" and "apply all relevant patches as they are released, and follow the general security best practices".

Blueprints

News of the source code theft emerged earlier this year after hacking group Lords of Dharmaraja - believed to be based in India - threatened to post it online.

Symantec initially said there was no risk to users as the stolen code was six years old, advising simply to make sure the most recent version of the products had been downloaded.

But the updated advice said the stolen material had included blueprints for Norton Antivirus Corporate Edition, Norton Internet Security, Norton SystemWorks (Norton Utilities and Norton GoBack) and pcAnywhere.

Of those products, only pcAnywhere is said to be at "increased risk", and users of the other software packages should not be concerned.

"The code that has been exposed is so old that current out-of-the-box security settings will suffice against any possible threats that might materialise as a result of this incident," the company reiterated on its website.

More on This Story

Related Stories

The BBC is not responsible for the content of external Internet sites

More Technology stories

RSS

Features

  • Two women in  JohanesburgYour pictures

    Readers' photos on the theme of South Africa


  • Worcestershire flagFlying the flag

    Preserving the identities of England's counties


  • Female model's bottom in leopard skin trousers as she walks up the catwalkBum deal

    Why budget buttock ops can be bad for your health


  • The OfficeIn pictures

    Fifty landmark shows from 50 years of BBC Two


  • French luxury Tea House, Mariage Freres display of tea pots Tea for tu

    France falls back in love with tea - but don't expect a British cuppa


BBC © 2014 The BBC is not responsible for the content of external sites. Read more.

This page is best viewed in an up-to-date web browser with style sheets (CSS) enabled. While you will be able to view the content of this page in your current browser, you will not be able to get the full visual experience. Please consider upgrading your browser software or enabling style sheets (CSS) if you are able to do so.