200,000 pcAnywhere Users STILL Vunerable to Attack

Despite warnings from Symantec, thousands of pcAnywhere users have failed to apply a critical security patch.

Approximately 1 month ago, Symantec began advising users of their pcAnywhere product to disable the software until have had the opportunity to apply their most recent security patch.

The advice…was prompted by a 2006 leak of its source code and the much more recent involvement of Anonymous, the loosely-organized group of hackers whose latest exploit was to cripple several government websites…Symantec admitted its own network had been breached in 2006…it again said source code for several of its products, including pcAnywhere, had been stolen at that time.–ComputerWorld

Attackers who obtain the software’s cryptographic key can also launch unauthorized remote control sessions on pcAnywhere-equipped PCs, the company added. If successful, such attacks would give hackers free rein of the machine and possibly other systems on a network.–ComputerWorld


This week, security researcher Rapid7 has identified approximately 200,000 systems that are running pcAnywhere without the security patch and are still vunerable to attack.

Of the Internet-connected systems vulnerable to attack, as many as 5,000, or 2.5 percent, were electronic cash registers or other point-of-sales systems that process credit cards and are integrated with back-end systems–CRN

Rapid7 found that systems running pcAnywhere could be “remote controlled, including screen, mouse and keyboard access, without knowledge of the owner.”–CRN


Direct link to security patch available from Symantec:

http://www.symantec.com/business/support/index?page=content&id=TECH179526

To learn more about this issue – please refer to the Symantec support pages linked below:

http://www.symantec.com/theme.jsp?themeid=anonymous-code-claims

If you have particular questions or concerns about this issue, we recommend you contact Symantec directly:

pcanywhere@symantec.com

103 total views, 1 views today

(Visited 1 times, 1 visits today)

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.