Symantec: pcAnywhere Now Safe

Wednesday, February 1, 2012 @ 02:02 PM gHale

Symantec gave its pcAnywhere software the all clear sign.

The software security company determined the current version of pcAnywhere is safe, provided users update it with a security patch released January 23.

Symantec: Turn Off pcAnywhere
Symantec Hit with Another Flaw
Symantec Breach: Vulnerability Victims
Symantec Source Code Stolen in β€˜06

The company is offering free upgrades to pcAnywhere 12.5 at no charge to all customers, even those using old editions that would not typically qualify for support, said spokesman Brian Modena. He also said while Symantec is advising all users to upgrade, they can safely continue using versions 12.0 and 12.1 if they download a second software patch released on 27 January.

Last week, Symantec advised users to disable pcAnywhere as they were at increased risk of suffering from an attack after the cyber thieves stole the blueprints to the software. Symantec admitted it suffered a breach six years ago when cyber criminals stole the source code for Norton Antivirus Corporate Edition, Norton Internet Security, Norton Utilities, Norton GoBack and pcAnywhere.

Along those lines, more than 140,000 computers remain configured to pcAnywhere to allow direct connections from the Internet, thereby putting them at risk, said HD Moore, chief security officer at Rapid7.

A scan for exposed systems running pcAnywhere found tens of thousands of installations could suffer from an attack through unpatched vulnerabilities in the software because they directly communicate with the Internet.

β€œIt is clear that pcAnywhere is still widely used in specific niches, especially point-of-sale, and by connecting the software directly to the Internet, organizations are placing themselves at risk of remote compromise or remote password theft,” Moore said.

Leave a Reply

You must be logged in to post a comment.