Symantec declares pcAnywhere safe to use
Symantec has said that its pcAnywhere software is now safe to use, with free upgrades offered to users.
According to Reuters, the company has now determined that the current version of pcAnywhere is safe, provided it has been updated with a security patch released on 23 January.
Company spokesman Brian Modena said it is offering free upgrades to pcAnywhere 12.5 at no charge to all customers, even those using old editions that would not typically qualify for support. He also said that while Symantec is advising all users to upgrade, they can safely continue using versions 12.0 and 12.1 if they download a second software patch released on 27 January.
Last week, Symantec advised users to disable pcAnywhere as they were at increased risk of being hacked after the blueprints to the software were stolen. Symantec admitted that it was breached six years ago when the source code for Norton Antivirus Corporate Edition, Norton Internet Security, Norton Utilities, Norton GoBack and pcAnywhere was stolen.
However, according to HD Moore, chief security officer at Rapid7, more than 140,000 computers appear to remain configured to pcAnywhere to allow direct connections from the internet, thereby putting them at risk.
A scan for exposed systems running pcAnywhere found that tens of thousands of installations that could be attacked through unpatched vulnerabilities in the software because they directly communicate with the internet.
According to Computer World, Moore said: “It is clear that pcAnywhere is still widely used in specific niches, especially point-of-sale, and by connecting the software directly to the internet, ‘organisations are placing themselves at risk of remote compromise or remote password theft'.