5 replies to this topic

[Corrine]

Two weeks ago, it was announced that Symantec’s Norton AntiVirus source code exposed by hackers.  

Originally, it was reported that it was code for older Enterprise products, not the versions used for consumers.  In addition, it was claimed that it was a third party and not Symantec's network that was breached.

Since then, it was discovered that Symantec's network was compromised.  Following that discovery, it was learned that the secret source code for pcAnywhere, a widely used brand of remote control software was also leaked.

Finally, today, Symantec tells customers to disable pcAnywhere.

Symantec Corp took the rare step of advising customers to stop using one of its products, saying its pcAnywhere software for accessing remote PCs is at increased risk of getting hacked after blueprints of that software were stolen.

[LilBambi]

Symantec said it was only asking customers to temporarily stop using the product, until it releases an update to the software that will mitigate the risk of an attack.

Good that they are fixing it. But excellent that they are taking the danger to their customers seriously enough to tell them not to use it till they fix it.

Thanks for the heads up Corrine!

[Temmu]

thanks corrine!

still have a couple servers with that, at work.

[Corrine]

Symantec released a patch for pcAnywhere 12.0 and pcAnywhere 12.1.  

Hotfix Details: pcAnywhere Security Recommendations

[LilBambi]

More good news for PCAnywhere users:

Symantec drops don't-use advice, gives pcAnywhere all-clear - Offers free upgrades to customers running older editions as one rival swoops in with special pricing - Computerworld

Symantec wrapped up patching pcAnywhere 12.5 on Jan. 27, then updated versions 12.0 and 12.1 with more fixes yesterday.

Last week, Symantec said it was unable to predict when it would complete its patching of pcAnywhere, citing the unpredictability of its investigation and the creation of the necessary fixes.

The updates can be manually downloaded from Symantec's website, or customers can use pcAnywhere's built-in updating service to retrieve and install the patches.

Modena also confirmed that customers running versions of pcAnywhere prior to version 12.0 will be offered a free upgrade to 12.5.

"If requested, Symantec will honor an update to version 12.5 for customers using previous versions of the product," said Modena today. To ask for a free upgrade, users should send the company an email aimed at the pcanywhere@symantec.com address.

[Temmu]

cool, lilbambi!  thx!