Symantec advises users to turn off PCAnywhere in hack aftermath

[InfoSec News <alerts () infosecnews org>]

http://www.v3.co.uk/v3-uk/news/2141452/symantec-advises-users-pcanywhere-hack-aftermath

By Shaun Nichols
V3.co.uk
26 Jan 2012

Symantec is advising customers to take their copies of PCAnywhere 
offline as the company continues to struggle with the aftermath of a 
major data breach.

The company has issued a whitepaper addressing new vulnerabilities 
brought to light by a recently publicised attack which resulted in 
attackers gaining access to the application's source code. The 2006 hack 
was recently brought to light by an Indian hacking team which is seeking 
to publicly distribute the code.

With the code compromised, Symantec has now determined that a major 
update is necessary to protect users from any flaws revealed in the 
compromised source code. Until that update can be released, the company 
is advising users of pcAnywhere 12.5 to disable the remote management 
tool.

"At this time, Symantec recommends disabling the product until Symantec 
releases a final set of software updates that resolve currently known 
vulnerability risks," the company said in the whitepaper.

[...]


_____________________________________________________
Did a friend send you this article? Make it your
New Year's Resolution to subscribe to InfoSec News!
http://www.infosecnews.org/mailman/listinfo/isn