Symantec warns pcAnywhere users to disable software after theft of source code


Symantec is warning customers who use its pcAnywhere software for accessing remote PCs to stop using it after an increased risk of getting hacked due to a 2006 source code leak in which the hacker group Anonymous threatened to leak.

“Our investigation continues to indicate that the theft is limited to only the code for the 2006 versions of Norton Antivirus Corporate Edition; Norton Internet Security; Norton SystemWorks (Norton Utilities and Norton GoBack); and pcAnywhere. Our current analysis shows that all pcAnywhere 12.0, 12.1 and 12.5 customers are at increased risk, as well as customers using prior versions of the product. pcAnywhere is also bundled with numerous Symantec products,” Symantec stated in an official press release.

Symantec made this announcement after it learned about a hacker named YamaTough leaked the source code to Norton Utilities and had threatened to publish the company’s widely used anti-virus programs.

Symantec simply wants users to temporarily stop using the product until an update is released. “At this time, Symantec recommends disabling the product until Symantec releases a final set of software updates that resolve currently known vulnerability risks,” Symantec stated.

Those who use Symantec’s other software title were not at risk. “The code that has been exposed is so old that current out-of-the-box security settings will suffice against any possible threats that might materialize as a result of this incident,” Symantec added.

The company recommends the following practices to ensure a minimal risk to the security breach:

  • Making sure your AV definitions are up to date
  • Making sure your software is upgraded to the latest maintenance version
  • As it makes sense for your organization, upgrade to the latest version of Symantec Endpoint Protection, which is SEP 12.1 RU1. Our analysis shows that the code theft does not require organizations to accelerate an upgrade to SEP 12.1.