Symantec Investigates Stolen Source Code, Recommends Disabling pcAnywhere

Paul Lilly

Less than three weeks ago, security firm Symantec publicly downplayed the theft of a portion of its source code and said the stolen bits were from a 2006 enterprise version of its software. The message at the time was that the theft didn't affect Symantec's Norton products for consumer customers, nor were enterprise users as risk. In other words, chillax. Now Symantec is making the unusual recommendation of telling people not to use its pcAnywhere software.

In a white paper (PDF) published today, Symantec indicated that users of pcAnywhere are at increased risk, and the risk goes up for customers not following general security best practices.

"General security best practices include endpoint, network, remote access, and physical security, as well as configuring pcAnywhere in a way that minimizes potential risks," Symantec stated in its white paper. "At this time, Symantec recommends disabling the product until Symantec releases a final set of software updates that resolve currently known vulnerability risks. For customers that require pcAnywhere for business critical purposes, it is recommended that customers understand the current risks, ensure pcAnywhere 12.5 is installed, apply all relevant patches as they are released, and follow the general security best practices discussed herein."

H.D. Moore, chief architect of Metaspolit, a platform that helps IT professionals identify security issues, told Reuters that it's "pretty much unheard of to just say 'Stop using it.' Especially a vendor as large as Symantec." Be that as it may, the temporary halt Symantec recommends is a temporary measure until it can roll out a patch, presumably soon.

Around the web