Symantec recommends disabling pcAnywhere and waiting
Earlier this month Symantec confirmed that the source code for the 2006 versions of Norton Antivirus Corporate Edition, Norton Internet Security, Norton SystemWorks and pcAnywhere was stolen by hackers.
White paper published on Monday
In a white paper published on Monday, Symantec revealed that encoding and encryption components used by pcAnywhere to secure PC to PC communications were found to be vulnerable. "In short it is possible that successful man-in-the-middle attacks may occur depending on the configuration and use of the product," the company said.
If attackers manage to obtain the cryptographic key used by the application they can launch unauthorized remote control sessions and potentially gain access to other data stored on an internal network.
The application's login credentials can as well be intercepted with the help of a network sniffer. But, for this to happen, the attacker must already have access to the network via a malware-compromised computer or some other method.
"For clients that require pcAnywhere for business critical purposes, it is suggested that clients understand the current risks, ensure pcAnywhere 12.5 is installed, apply all relevant patches as they are released, and follow general security best practices," the company said.
- ·
Pcanywhere Voip
- ·
Pcanywhere And Voip
- · Rackspace debuts OpenStack cloud servers
- · America's broadband adoption challenges
- · EPAM Systems Leverages the Cloud to Enhance Its Global Delivery Model With Nimbula Director
- · Telcom & Data intros emergency VOIP phones
- · Lorton Data Announces Partnership with Krengeltech Through A-Qua⢠Integration into DocuMailer