More than 200,000 computers could be at risk due to failings in pcAnywhere software


More than 200,000 computers could be at risk due to failings in pcAnywhere software

Return to latest IT industry news


Category IT Security
Article date 27 February 2012
More than 200,000 computers could be at risk due to failings in pcAnywhere software
More than 200,000 PCs could be hacked by cyber criminals using bugs which exploit Symantec’s pcAnywhere programme, it has been claimed.

A researcher at Rapid7, which looked at pcAnywhere systems, has made the claim just weeks after Symantec told its users to disable and uninstall the programme because hackers had gotten hold of its source code.

Symantec now claim to have patched all the areas which were vulnerable but have not yet confirmed whether or not the product is safe for further usage.

But according to Rapid7 there are still around 200,000 pcs running the unpatched version of the software anyway and these systems could be taken over by attackers who could then control their keyboard, mouse and programs.

HD Moore, chief security officer for Rapid, scanned the internet for the TCP port which pcAnywhere leaves open so that commands can enter and found that a large number where point of sale programs which were older the ones which had been provided with the patch.

Point of sale programs are reliant on pcAnywhere for remote support and do not transmit any financial details such as credit care details. However, Mr Moore claims that the software can be exploited by hackers who can then control the computer and harvest information from other programs.

"These [point-of-sale] systems are an attractive target for break-in," said Mr Moore.

"There are a lot [of PCs] that haven't been updated," he added. "It seems the recent patches have been very much ignored."

It’s not been a good few weeks for Symantec.

Only recently it was forced to admit that the source code for its Norton Internet Security software was stolen by cyber criminals during a breach which occurred in 2006 and it is also fighting a US lawsuit over claims that it used scare tactics to sell its products.ADNFCR-8000229-ID-801303917-ADNFCR
About our writers
Related IT Security articles
24/04/2014 - Collaborative effort aims to stem Heartbleed
23/04/2014 - Cyber attacks 'mostly fall into handful of patterns'
23/04/2014 - Conference debates future of the web
22/04/2014 - World Cup fans 'targeted by cyber criminals'
17/04/2014 - First Heartbleed arrest made

Read all IT industry news
 

 


If you are looking for IT outsourcing companies in London, or throughout the United Kingdom, and would like to meet with one of our consultants for a no-obligation discussion please call us on 020 7392 1600, email us at info@ihotdesk.com