More than 200,000 computers could be at risk due to failings in pcAnywhere software

More than 200,000 PCs could be hacked by cyber criminals using bugs which exploit Symantec’s pcAnywhere programme, it has been claimed.

A researcher at Rapid7, which looked at pcAnywhere systems, has made the claim just weeks after Symantec told its users to disable and uninstall the programme because hackers had gotten hold of its source code.

Symantec now claim to have patched all the areas which were vulnerable but have not yet confirmed whether or not the product is safe for further usage.

But according to Rapid7 there are still around 200,000 pcs running the unpatched version of the software anyway and these systems could be taken over by attackers who could then control their keyboard, mouse and programs.

HD Moore, chief security officer for Rapid, scanned the internet for the TCP port which pcAnywhere leaves open so that commands can enter and found that a large number where point of sale programs which were older the ones which had been provided with the patch.

Point of sale programs are reliant on pcAnywhere for remote support and do not transmit any financial details such as credit care details. However, Mr Moore claims that the software can be exploited by hackers who can then control the computer and harvest information from other programs.

"These [point-of-sale] systems are an attractive target for break-in," said Mr Moore.

"There are a lot [of PCs] that haven't been updated," he added. "It seems the recent patches have been very much ignored."

It’s not been a good few weeks for Symantec.

Only recently it was forced to admit that the source code for its Norton Internet Security software was stolen by cyber criminals during a breach which occurred in 2006 and it is also fighting a US lawsuit over claims that it used scare tactics to sell its products.