Symantec tells customers to disable pcAnywhere

Summary:Security vendor urges users to temporarily stop using its pcAnywhere offering until update is released, as malicious hackers with access to leaked source code can identify vulnerabilities and build new exploits.

Symantec has advised customers to stop using one of its products, pcAnywhere, advising that the remote access software carries increased securiy risk after its blueprints were recently stolen.

The IT security vendor last week confirmed that a 2006 theft of its product source codes put customers at risk of an attack. Several other products including Norton Antivirus Corporate Edition, Norton Internet Security, Norton Utilities and Norton GoBack also had its blueprints stolen.

In a whitepaper released Wednesday, Symantec asked customers to temporarily discontinue usage of pcAnywhere, until it releases a software update to mitigate the risk of an attack.

Symantec said malicious hackers who have access to the source code have an "increased ability" to identify vulnerabilities and build new exploits, and added that customers that do not follow general security best practices are susceptible to man-in-the-middle attacks which can reveal authentication and session information.

The security vendor also acknowledged that some customers had to continue using the affected software for "business critical purposes", but noted that they should use the most recent version of the product and "understand the current risks", which include the possibility that hackers could steal data or credentials.

The company also reiterated its previous stance that users of other software titles were not at heightened risk due to the breach in 2006. "The code that has been exposed is so old that current out-of-the-box security settings will suffice against any possible threats that might materialize as a result of this incident," Symantec said on its Web site.

Cris Paden, the company's spokesperson, also told Reuters in a Wednesday report that Symantec had fewer than 50,000 customers using the standalone version of pcAnywhere, which was available for sale on its Web site for US$100 and US$200 from Wednesday afternoon.

Topics: Security, Developer


Elly grew up on the adrenaline of crime fiction and it spurred her interest in cybercrime, privacy and the terror on the dark side of IT. At ZDNet Asia, she has made it her mission to warn readers of upcoming security threats, while also covering other tech issues.

zdnet_core.socialButton.googleLabel Contact Disclosure

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.