We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,259 News Articles

Symantec tells pcAnywhere users to disable software

Users at risk of 'man-in-the-middle' attack after source code stolen

Symantec is urging users of its pcAnywhere software to disable the software on their PCs.

The security firm's warning comes just weeks after The Lords of Dharmaraja hacking group claimed to have obtained source code and documentation for the software from servers belonging to Indian intelligence agencies. The group also threatened to post the information online.

At the time, the security firm told IDG News Service there was no actual source code present in the stolen data.

However, Symantec has no backtracked and believes users of its pcAnywhere software may be at risk

"Symantec believes that the disclosure was the result of a theft of source code that occurred in 2006. We believe that source code for the 2006-era versions of the following products was exposed: Norton Antivirus Corporate Edition; Norton Internet Security; Norton SystemWorks (Norton Utilities and Norton GoBack); and pcAnywhere," it said in an advisory.

"pcAnywhere customers have increased risk. Malicious users with access to the source code have an increased ability to identify vulnerabilities and build new exploits. Additionally, customers that are not following general security best practices are susceptible to man-in-the-middle attacks which can reveal authentication and session information."

Symantec said not only could a "'man-in-the-middle' attack result in data and log-in credentials being stolen as well as unauthorised remote access of a PC.

The security firm said it "recommends disabling the product until Symantec releases a final set of software updates that resolve currently known vulnerability risks".

"For customers that require pcAnywhere for business critical purposes, it is recommended that customers understand the current risks, ensure pcAnywhere 12.5 is installed, apply all relevant patches as they are released, and follow the general security best practices discussed herein."


IDG UK Sites

Where to buy iPhone 6 and iPhone 6 Plus in the UK: Launch day price, deals and contracts

IDG UK Sites

Is Apple losing confidence in itself?

IDG UK Sites

Professional photo and video techniques for perfect colours

IDG UK Sites

How (and where) to buy an iPhone 6 or iPhone 6 Plus in the UK. Plus: What to do if you pre-ordered...