After confirmation of the source code theft of one of its products, Symantec has warned its customers to temporarily disable the compromised products. These includes Norton Antivirus Corporate Edition, Norton Internet Security, Norton SystemWorks (Norton Utilities and Norton GoBack), and pcAnywhere. All these compromised products are of 2006-era versions.
These codes were stolen six years ago but Symantec spokesman says that they did not know before this month that all these source codes had been stolen.
Consumers using these products and totally depended on these are susceptible to man-in-the-middle attacks which can reveal their authentication and session information to hackers. So they have to ensure at their own that their system is protected against potential threats.
In a note released, they say that “At this time, Symantec recommends disabling the product until Symantec releases a final set of software updates that resolve currently known vulnerability risks. For customers that require pcAnywhere for business critical purposes, it is
recommended that customers understand the current risks, ensure pcAnywhere 12.5 is installed, apply all relevant patches as they are released, and follow the general security best practices discussed herein.” Customers are asked to follow this guide.
People using pcAnywhere of version 12.0, 12.1 and 12.5 are at increased risk. This is a popular remote access program used for direct PC to PC communication. The same is used on POS terminals in stores and restaurants to process credit and debit cards. Such users are requested to have the latest definition for all anti-virus and firewall technologies they are using. Additionally they should use IPSec
or SSL VPN for connecting to remote computers. For the time being they should block ports (5631/32) so that an outsider couldn’t access the pcAnywhere over internet.
If your are using one of the compromised products, keep an eye on latest hotfixes provided by the company. Apply them as they are released. Make sure to update our firewalls and other security products too.
[via Fox News]
Update [31.01.2012]
Symantec said now it is safe to use pcAnywhere 12.5 with the latest patch released. They are also offering free upgrades to pcAnywhere 12.5 at no charge to all customers, even those using old editions that would not typically qualify for support.