Jump to content
Login new information ×
Login new information

Symantec confirms: Anonymous stole source code, users should disable pcAnywhere

nsane.forums

By nsane.forums
in Security & Privacy News

Recommended Posts

nsane.forums

nsane.forums

Posted
Posted

Symantec has confirmed that the hacker group Anonymous stole source code from the 2006 versions of several Norton security products and the pcAnywhere remote access tool.

Although Symantec says the theft actually occurred in 2006, the issue did not come to light until this month when hackers related to Anonymous said they had the source code and would release it publicly. Users of the Norton products in question are not at any increased risk of attack because of the age of the source code and security improvements made in the years since the breach, but the vendor acknowledged on Tuesday night that "Customers of Symantec's pcAnywhere have increased risk as a result of this incident."

Symantec released a patch fixing three vulnerabilities in pcAnywhere version 12.5 (the current version) on Monday, and said it will continue issuing patches "until a new version of pcAnywhere that addresses all currently known vulnerabilities is released."

Symantec pointed customers to a white paper that recommends disabling pcAnywhere, unless it is needed for business-critical use, because malicious users with access to the source code could identify vulnerabilities and launch new exploits. "At this time, Symantec recommends disabling the product until Symantec releases a final set of software updates that resolve currently known vulnerability risks," the company said. "For customers that require pcAnywhere for business critical purposes, it is recommended that customers understand the current risks, ensure pcAnywhere 12.5 is installed, apply all relevant patches as they are released, and follow the general security best practices discussed herein."

As for Norton, Symantec said the source code stolen was from the 2006 versions of Norton Antivirus Corporate Edition, Norton Internet Security, and Norton SystemWorks. Earlier this month, Symantec said no products were at risk, but changed its message regarding pcAnywhere after further investigation.

view.gif View: Original Article

Link to comment
Share on other sites
  • Replies 6
  • Views 1.4k
  • Created
  • Last Reply
  • Administrator
DKT27

DKT27

Posted
  • Administrator
Posted

They didn't confirm it till now. :)

This is kinda official.

Link to comment
Share on other sites
  • Administrator
DKT27

DKT27

Posted
  • Administrator
Posted

This is a followup story. This one is an official written statement.

Link to comment
Share on other sites
Ambrocious

Ambrocious

Posted
Posted

Sounds like an internal issue to me. Formal employee of Symantec who became disgruntled decided to join Anonymous?

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...