Symantec publishes pcAnywhere security recommendations
In the middle of last week, Symantec admitted that the source code for a number of its products, including pcAnywhere, was stolen in 2006. Now the company has published a white paper in which it warns against using the remote PC control software at all, since malicious parties could use the source code to identify and exploit security vulnerabilities to compromise PCs that use the program.
In addition, an attacker with cryptography knowledge could conduct man-in-the-middle attacks on encrypted connections and create unauthorised connections to remote machines, thereby potentially gaining access to whole networks.
Symantec plans to eradicate the known vulnerabilities in pcAnywhere step by step. A patch was released earlier this week, but it doesn't fix the problem described above. Those who absolutely need the product should make sure to always have the latest updates and follow the security recommendations in the white paper.
The warnings suggest that significant parts of the source code have hardly been changed since the theft. Source code for Norton Antivirus Corporate Edition, Norton Internet Security, Norton Utilities and Norton GoBack was also stolen, but Symantec assumes that the versions based on that source code are no longer in regular use and therefore does not believe that its customers are at an increased risk.
Cris Paden, a Symantec spokesman, told Wired's Threat Level blog that the company "knew there was an incident in 2006," but that "it was inconclusive at the time as to whether or not actual code was taken or that someone had actual code in their hands". Following claims that the Indian hacking group "Lords of Dharmaraja" had stolen Symantec source code, Paden said that the company went back through its logs and "put 2 and 2 together that there was a source code theft," adding that he wasn't sure how the signs were missed in 2006.