PCs connected to the Internet, including as many as 5,000 running point-of-sale programs that collect consumer credit card data, could be hijacked by hackers exploiting bugs in the troubled program, Computerworld.com reported Wednesday.
H.D. Moore, chief security officer at Rapid7, said an estimated 150,000 to 200,000 PCs are running an as-yet-unpatched copy of the Symantec software.
Symantec took the unprecedented step four weeks ago of telling pcAnywhere users to disable or uninstall the program because attackers had obtained the remote access software's source code.
While Symantec said it had patched all the known vulnerabilities in pcAnywhere, it declined to declare that the product was safe to use, Computerworld.com said.
Moore said the ongoing vulnerabilities are a serious problem.
"There are a lot [of PCs] that haven't been updated," Moore said. "It seems the recent patches have been very much ignored."