Symantec alert: Disable PcAnywhere until they issue patches
http://www.pcworld.com/businesscenter/article/248782/symantec_recommends_disabling_pcanywhere_and_waiting_for_security_patches.html
Symantec Recommends Disabling PcAnywhere and Waiting for Security Patches
By Lucian Constantin, IDG News
Security vendor Symantec has advised users of its pcAnywhere remote control software to disable it, because hackers with access to the product's source code could exploit security holes identified in the application.
Earlier this month Symantec confirmed that the source code for the 2006 versions of Norton Antivirus Corporate Edition, Norton Internet Security, Norton SystemWorks and pcAnywhere was stolen by hackers.
The security vendor said at the time that because the code is old, customers running Norton products today should not be in any increased danger of cyberattacks. However, the company admitted that users of pcAnywhere, which has not changed as much as the Norton products over the past few years, might face an increased risk because of the leak.
In a white paper published on Monday, Symantec revealed that encoding and encryption elements used by pcAnywhere to secure PC to PC communications were found to be vulnerable. "Therefore it is possible that successful man-in-the-middle attacks may occur depending on the configuration and use of the product," the company said.
...