Vulnerability still in pcAnywhere program

Feb. 22, 2012 at 6:48 PM

SAN FRANCISCO, Feb. 22 (UPI) -- As many as 200,000 PCs running Symantec's pcAnywhere software are vulnerable to hijacking, as users aren't patching the program, a U.S. researcher says.

PCs connected to the Internet, including as many as 5,000 running point-of-sale programs that collect consumer credit card data, could be hijacked by hackers exploiting bugs in the troubled program, Computerworld.com reported Wednesday.

H.D. Moore, chief security officer at Rapid7, said an estimated 150,000 to 200,000 PCs are running an as-yet-unpatched copy of the Symantec software.

Symantec took the unprecedented step four weeks ago of telling pcAnywhere users to disable or uninstall the program because attackers had obtained the remote access software's source code.

While Symantec said it had patched all the known vulnerabilities in pcAnywhere, it declined to declare that the product was safe to use, Computerworld.com said.

Moore said the ongoing vulnerabilities are a serious problem.

"There are a lot [of PCs] that haven't been updated," Moore said. "It seems the recent patches have been very much ignored."

Related UPI Stories
Latest Headlines
Trending Stories
Breast cancer drug helps immune response against MRSA
Study of antibodies in HIV patient may help lead to vaccine
Study: Dissolvable stent as good as conventional version
8 things you didn't know about baby gorillas
Study: Elephants rarely get cancer