The company confirmed that “old” source code stolen by a hacking group had exposed vulnerabilities in the remote access program.
An advisory note on Symantec’s website explained how to minimise risks for customers who used pcAnywhere for “business-critical purposes”.
Other software from the company is not at a heightened risk, Symantec said.In its website note, the company said it recommended “disabling the product until Symantec releases a final set of software updates that resolve currently known vulnerability risks”.
‘Man in the middle’
“Malicious users with access to the source code have an increased ability to identify vulnerabilities and build new exploits,” it added.
It said the vulnerability left pcAnywhere users exposed to “man in the middle” attacks – a security hole which puts data at risk of being intercepted.
An attacker could potentially gain remote control of a company’s network and access sensitive information.
A Symantec spokesman said that fewer than 50,000 people used the standalone version of pcAnywhere – although the software was also bundled as part of other security packages.
It suggested that corporate customers who used pcAnywhere for business-critical activity should “understand the current risks” and “apply all relevant patches as they are released, and follow the general security best practices”.
News of the source code theft emerged earlier this year after hacking group Lords of Dharmaraja – believed to be based in India – threatened to post it online.
Symantec initially said there was no risk to users as the stolen code was six years old, advising simply to make sure the most recent version of the products had been downloaded.
But the updated advice said the stolen material had included blueprints for Norton Antivirus Corporate Edition, Norton Internet Security, Norton SystemWorks (Norton Utilities and Norton GoBack) and pcAnywhere.
Of those products, only pcAnywhere is said to be at “increased risk”, and users of the other software packages should not be concerned.
“The code that has been exposed is so old that current out-of-the-box security settings will suffice against any possible threats that might materialise as a result of this incident,” the company reiterated on its website.