(LiveHacking.Com) – Symantec has released a patch that, according to the company, eliminates all known vulnerabilities affecting customers using pcAnywhere 12.0 and pcAnywhere 12.1. This is the latest step (but not the last) in an ongoing saga about source code stolen from Symantec in 2006. Only last week Symantec updated its “Claims by Anonymous about Symantec Source Code” page to notify its customers that “all pcAnywhere 12.0, 12.1 and 12.5 customers are at increased risk” and that it “recommends that customers only use pcAnywhere for business critical purposes.” With the release of the latest patch it has dropped this warning and now advises customers to upgrade to pcAnywhere 12.5 and apply all relevant patches.
Hotfixes are now available for the following Symantec products:
- Symantec pcAnywhere 12.5.x
- Symantec pcAnywhere 12.0.x, 12.1.x
- Symantec pcAnywhere Solution (shipped with Altiris IT Management Suite 7.x) 12.5.x, 12.6.x
- Symantec pcAnywhere Solution (shipped with Altiris Client Management Suite 7.x) 12.5.x, 12.6.x
- Remote pcAnywhere Solution (shipped with Altiris Deployment Solution 7.1) 12.5.x, 12.6.x
According to the security advisory, these hotfixes address the local file tampering elevation of privilege vulnerability and the remote code execution vulnerability previously fixed only in pcAnywhere 12.5. However, since pcAnywhere allows for direct PC to PC communication, the theft of the source code has made the encodings and encryption elements within pcAnywhere vulnerable. There is no word yet from Symantec about any changes it has made to these encodings to protect users. This is most likely why Symantec keeps repeating the mantra of “follow general security best practices”, which in short means blocking the pcAnywhere assigned ports (5631, 5632) on Internet facing network connections, disabling or removing Access Server, and using remote sessions via secure VPN tunnels.