Security firm Symantec has warned customers to stop using its pcAnywhere software.
The company confirmed that "old" source code stolen by a hacking group had exposed vulnerabilities in the remote access program.
An advisory note on Symantec's website explained how to
minimise risks for customers who used pcAnywhere for "business-critical
purposes".
Other software from the company is not at a heightened risk, Symantec said.
In its website note,
the company said it recommended "disabling the product until Symantec
releases a final set of software updates that resolve currently known
vulnerability risks".
'Man in the middle'
"Malicious users with access to the source code have an
increased ability to identify vulnerabilities and build new exploits,"
it added.
It said the vulnerability left pcAnywhere users exposed to
"man in the middle" attacks - a security hole which puts data at risk of
being intercepted.
An attacker could potentially gain remote control of a company's network and access sensitive information.
A Symantec spokesman said that fewer than 50,000 people used
the standalone version of pcAnywhere - although the software was also
bundled as part of other security packages.
It suggested that corporate customers who used pcAnywhere for
business-critical activity should "understand the current risks" and
"apply all relevant patches as they are released, and follow the general
security best practices".
Blueprints
News of the source code theft emerged earlier this year after
hacking group Lords of Dharmaraja - believed to be based in India -
threatened to post it online.
Symantec initially said there was no risk to users as the
stolen code was six years old, advising simply to make sure the most
recent version of the products had been downloaded.
But the updated advice said the stolen material had included
blueprints for Norton Antivirus Corporate Edition, Norton Internet
Security, Norton SystemWorks (Norton Utilities and Norton GoBack) and
pcAnywhere.
Of those products, only pcAnywhere is said to be at
"increased risk", and users of the other software packages should not be
concerned.
"The code that has been exposed is so old that current
out-of-the-box security settings will suffice against any possible
threats that might materialise as a result of this incident," the
company reiterated on its website.