Vulnerability still in pcAnywhere program

Feb. 22, 2012 at 6:48 PM
share with facebook
share with twitter

SAN FRANCISCO, Feb. 22 (UPI) -- As many as 200,000 PCs running Symantec's pcAnywhere software are vulnerable to hijacking, as users aren't patching the program, a U.S. researcher says.

PCs connected to the Internet, including as many as 5,000 running point-of-sale programs that collect consumer credit card data, could be hijacked by hackers exploiting bugs in the troubled program, reported Wednesday.

H.D. Moore, chief security officer at Rapid7, said an estimated 150,000 to 200,000 PCs are running an as-yet-unpatched copy of the Symantec software.

Symantec took the unprecedented step four weeks ago of telling pcAnywhere users to disable or uninstall the program because attackers had obtained the remote access software's source code.

While Symantec said it had patched all the known vulnerabilities in pcAnywhere, it declined to declare that the product was safe to use, said.

Moore said the ongoing vulnerabilities are a serious problem.

"There are a lot [of PCs] that haven't been updated," Moore said. "It seems the recent patches have been very much ignored."

Related UPI Stories
Trending Stories