In my last article, a few days ago, I covered Symantec’s network being hacked back in 2006. One of Symantec’s products, pcAnywhere, was included in the list of programs which had its source code stolen.
In the most recent development of this story, now Symantec has released a technical white paper on the subject where it states “At this time, Symantec recommends disabling the product until Symantec releases a final set of software updates that resolve currently known vulnerability risks”.
If you have pcAnywhere installed in your computer, I recommend you disable or uninstall it altogether to avoid the possibility of it being used as an attack vector to your computer(s). Contact me if you need help with that.
The security software giant acknowledged last week that hackers had broken into its network when they stole source code of some of the company’s software.
At first, two weeks ago, Symantec spokesman Cris Paden stated a hacker made off with source code of Symantec Endpoint Protection 11.0 and Symantec Antivirus 10.2, back in 2006. Cris otherwise downplayed the seriousness of the theft.
A few days later, however, Paden issued a revised statement, saying source code of Norton Antivirus Corporate Edition, Norton Internet Security, Norton Utilities, Norton GoBack and pcAnywhere, had been stolen.
Having stolen the source code for these products means hackers, malware creators and other scum of society can create malware that exploits vulnerabilities in Symantec’s software, thus making it easier to render the antivirus useless during a malware infection, or in the case of pcAnywhere (a remote access suite that Symantec sells), opening the door for unauthorized remote access to computers with pcAnywhere installed on it.
In the specific case of pcAnywhere, the hacker who is believed to be responsible for the source code steal announced a few days ago the code was being released to the “blackhat” community for free-for-all exploiting.
I personally don’t recommend Symantec products, and haven’t for a long time. But with these developments I’d really suggest to stay away or move away from Symantec products.
On the second Tuesday of the month, as usual, monthly Windows updates are being published. So that’s this coming Tuesday the 10th, at approximately 1 pm EST.
For being the first updates of the year, this batch is relatively bulky. Worth mentioning among the 7 security updates being released on Tuesday that patch 8 security bugs, is one labeled “security feature bypass”, a label never used before by Microsoft.
If you have automatic updates turned on, the only user intervention needed is a possible computer restart after the updates have been installed.
If you don’t have automatic updates turned on, it behooves you to get any and all outstanding Windows updates installed, including the ones being released this coming Tuesday. Software updates comprise an essential element in any sound computer security strategy.