Learn about the security recommendations that should mitigate attacks

Jan 26, 2012 09:09 GMT  ·  By

There have been many rumors around the hacking operation that affected Symantec back in 2006, resulting in the theft of source code for some of their products. Now the company came forward with official “security recommendations,” advising customers to disable their pcAnywhere products until they release a patch.

Symantec confirms that products from the 2006-era are affected by the data breach that took place at the time, including Norton Antivirus Corporate Edition, Norton Internet Security, Norton SystemWorks, which includes Norton Utilities and Norton GoBack, and pcAnywhere, a software that allows direct PC-to-PC communications.

A detailed analysis of the situation reveals that most customers aren’t exposed due to the age of the products.

“There is nothing additional that customers of these products need to do beyond adhering to best practices. The code that has been exposed is so old that current out-of-the-box security settings will suffice against any possible threats that might materialize as a result of this incident,” reads the advisory.

On the other hand, pcAnywhere customers should be somewhat concerned, especially those who use the 12.0, 12.1, 12.5 and prior versions of the product. pcAnywhere is also bundled with numerous other products such as Altiris based solutions and backup and security products.

Users who rely on these applications are exposed because the encoding and encryption elements within pcAnywhere are vulnerable, allowing a cybercriminal to launch a successful man-in-the-middle attack, depending on the configuration and the way it’s used.

Basically, traffic could be intercepted and encoded if a network sniffer is placed in the customer’s internal network, but this implies that the attacker either has a malicious insider or has a botnet operating in the environment.

“At this time, Symantec recommends disabling the product until Symantec releases a final set of software updates that resolve currently known vulnerability risks,” the security solutions provider advises customers.

Also, they recommend that consumers follow some general security best practices to mitigate the issue.