We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,259 News Articles

Symantec tells pcAnywhere users to disable software

Users at risk of 'man-in-the-middle' attack after source code stolen

Symantec is urging users of its pcAnywhere software to disable the software on their PCs.

The security firm's warning comes just weeks after The Lords of Dharmaraja hacking group claimed to have obtained source code and documentation for the software from servers belonging to Indian intelligence agencies. The group also threatened to post the information online.

At the time, the security firm told IDG News Service there was no actual source code present in the stolen data.

However, Symantec has no backtracked and believes users of its pcAnywhere software may be at risk

"Symantec believes that the disclosure was the result of a theft of source code that occurred in 2006. We believe that source code for the 2006-era versions of the following products was exposed: Norton Antivirus Corporate Edition; Norton Internet Security; Norton SystemWorks (Norton Utilities and Norton GoBack); and pcAnywhere," it said in an advisory.

"pcAnywhere customers have increased risk. Malicious users with access to the source code have an increased ability to identify vulnerabilities and build new exploits. Additionally, customers that are not following general security best practices are susceptible to man-in-the-middle attacks which can reveal authentication and session information."

Symantec said not only could a "'man-in-the-middle' attack result in data and log-in credentials being stolen as well as unauthorised remote access of a PC.

The security firm said it "recommends disabling the product until Symantec releases a final set of software updates that resolve currently known vulnerability risks".

"For customers that require pcAnywhere for business critical purposes, it is recommended that customers understand the current risks, ensure pcAnywhere 12.5 is installed, apply all relevant patches as they are released, and follow the general security best practices discussed herein."

IDG UK Sites

Acer Aspire R11 review: Hands-on with the 360 laptop and tablet convertible

IDG UK Sites

Apple Watch release day: Twitter reacts

IDG UK Sites

See how Framestore created a shape-shifting, oil and metal based creature for Shell

IDG UK Sites

Apple Watch buying guide, price list & where to buy today: Which Apple Watch model, size, material,?......