Sunnyvale (ip-192.com): Symantec recommends that users disable or uninstall its pcAnywhere. The company, best known for its suite of antivirus software, says that source code stolen by hackers in 2006 may expose vulnerabilities in the remote access software.
“Malicious users with access to the source code have an increased ability to identify vulnerabilities and build new exploits,” Symantec says. “Additionally, customers that are not following general security best practices are susceptible to man-in-the-middle attacks which can reveal authentication and session information. General security best practices include endpoint, network, remote access, and physical security, as well as configuring pcAnywhere in a way that minimizes potential risks.”
PcAnywhere allows remote users to connect to a host, using an Internet or LAN connection and an access password. The program runs on multiple platforms, including Microsoft Windows, Linux, Mac OS X, and Pocket PC.
“Our current analysis shows that all pcAnywhere 12.0, 12.1 and 12.5 customers are at increased risk, as well as customers with prior, unsupported versions of the product,” Symantec says. PcAnywhere is also bundled in three Symantec products, Altiris Client Management Suite and Altiris IT Management Suite versions 7.0 or later, and Altiris Deployment Solution with Remote v7.1. In addition, customers with earlier versions of Altiris suites may have opted to leverage pcAnywhere. The increased risk is isolated to the pcAnywhere components only. There are no known impacts to the rest of the components in the Altiris products or the pcAnywhere Solution component that provides integration between pcAnywhere and the Symantec Management Console. Customers should validate the remote control tools currently in use.”
Pc Anywhere users could be exposed to “man in the middle” attacks, meaning that data exchanged between a remote user and the host could be intercepted. If the malicious user gains access to passwords used to log on to the host, he could gain access to corporate networks. Users are also at risk of remote code injection. Symantec has released a White Paper (available here) to provide remediation steps to maintain the protection of their devices and information until security patches are released.
Symantec warns users about possible exploits in its remote access program pcAnywhere and recommends disabling the remote access software suite until patches are released to resolve the issue. Photo: EL
Recent Comments