Vulnerability still in pcAnywhere program

Feb. 22, 2012 at 6:48 PM

SAN FRANCISCO, Feb. 22 (UPI) -- As many as 200,000 PCs running Symantec's pcAnywhere software are vulnerable to hijacking, as users aren't patching the program, a U.S. researcher says.

PCs connected to the Internet, including as many as 5,000 running point-of-sale programs that collect consumer credit card data, could be hijacked by hackers exploiting bugs in the troubled program, Computerworld.com reported Wednesday.

H.D. Moore, chief security officer at Rapid7, said an estimated 150,000 to 200,000 PCs are running an as-yet-unpatched copy of the Symantec software.

Symantec took the unprecedented step four weeks ago of telling pcAnywhere users to disable or uninstall the program because attackers had obtained the remote access software's source code.

While Symantec said it had patched all the known vulnerabilities in pcAnywhere, it declined to declare that the product was safe to use, Computerworld.com said.

Moore said the ongoing vulnerabilities are a serious problem.

"There are a lot [of PCs] that haven't been updated," Moore said. "It seems the recent patches have been very much ignored."

Related UPI Stories
Latest Headlines
Trending News
Test predicts teen risk factor for cardiovascular disease
Gene therapy effective against form of inherited vision loss
Foot of new human ancestor, Homo naledi, resembles our own
NASA releases thousands of Apollo mission photos on Flickr
Study: European austerity to blame for rise in male suicide