Symantec: Disable your pcAnywhere software

The security giant advises users against running pcAnywhere until it has fixed vulnerabilities highlighted by a source code leak.

Hacking

Symantec is telling IT departments to disable its remote access software solution pcAnywhere after a source code leak meant the product faced an "increased security risk."

The security giant said it was reaching out to customers to warn them of additional dangers, after it admitted source code relating to various products was stolen.

Hacktivist group Anonymous had threatened to release Symantec source code earlier this month, leading the Norton provider to admit a breach in 2006 had compromised information.

Symantec recommends disabling the product until we release a final set of software updates.

Prior to today's revelation, Symantec had simply asked IT departments to ensure best practices with pcAnywhere use. The reviewed advice indicates the 2006 hack exposed more than initially thought.

"Symantec has taken an aggressive position to ensure pcAnywhere customers are protected. At this time, Symantec recommends disabling the product until we release a final set of software updates that resolve currently known vulnerability risks," a spokesperson said.

"For customers that require pcAnywhere for business critical purposes, it is recommended that customers understand the current risks, ensure pcAnywhere 12.5 is installed, apply all relevant patches as they are released, and follow general security best practices."

From the 2006 hack, affected products include old versions of Norton Antivirus Corporate Edition, Norton Internet Security, Norton SystemWorks (Norton Utilities and Norton GoBack), as well as pcAnywhere. Symantec Endpoint Protection (SEP) 11.0 and Symantec AntiVirus 10.2 also inherited a very small amount of exposed code.

Featured Resources

Managing security risk and compliance in a challenging landscape

How key technology partners grow with your organisation

Download now

Evaluate your order-to-cash process

15 recommended metrics to benchmark your O2C operations

Download now

AI 360: Hold, fold, or double down?

How AI can benefit your business

Download now

Getting started with Azure Red Hat OpenShift

A developer’s guide to improving application building and deployment capabilities

Download now

Recommended

FBI warns of ongoing corporate vishing attacks
phishing

FBI warns of ongoing corporate vishing attacks

19 Jan 2021
How LogPoint uses MITRE ATT&CK
Whitepaper

How LogPoint uses MITRE ATT&CK

15 Jan 2021
Hackers using COVID vaccine as a lure to spread malware
hacking

Hackers using COVID vaccine as a lure to spread malware

15 Jan 2021
Cyber criminals bypassing MFA to access cloud service accounts
two-factor authentication (2FA)

Cyber criminals bypassing MFA to access cloud service accounts

14 Jan 2021

Most Popular

IT retailer faces €10.4m GDPR fine for employee surveillance
General Data Protection Regulation (GDPR)

IT retailer faces €10.4m GDPR fine for employee surveillance

18 Jan 2021
Citrix buys Slack competitor Wrike in record $2.25bn deal
collaboration

Citrix buys Slack competitor Wrike in record $2.25bn deal

19 Jan 2021
Should IT departments call time on WhatsApp?
communications

Should IT departments call time on WhatsApp?

15 Jan 2021