Wednesday, February 22, 2012

Unpatched pcAnywhere on 200,000 Windows PCs = Disaster Waiting to Happen

Say NO to pcAnywhereOne would think with all of the headlines flying around about how hackers stole the source code for a variety of Symantec products and Symantec going from saying users only faced a “slightly increased security risk” to urging them to disable pcAnywhere before finally saying the software is safe only after being patched that users would heed the warnings and do as they’re advised.

After all, it’s not every day that a security company discovers they were breached years ago without their knowledge and tells you to flat-out stop using their product.

Unfortunately, it seems as though quite a few folks missed the memo and a lot of PCs have been left vulnerable as a result.

Security researchers over at Rapid7 scanned the internet for the TCP port that pcAnywhere leaves open for incoming commands and found that up to 200,000 computers are running unpatched versions of pcAnywhere software.

Note to those who are running unpatched versions of Symantec’s pcAnywhere: if a security researcher can find you, then so can an attacker.

To make matters worse, an estimated 2.5% (roughly 3,450 – 5,000) of those vulnerable Windows PCs are running a point-of-sale system, leaving the door wide open for an attacker to hit the ultimate payday.

Was nothing learned from the Subway point-of-sale system breach that resulted in over $3million dollars in fraudulent charges?

It’s imperative that pcAnywhere users to either make sure their software is current or find an alternative remote desktop solution such as LogMeIn, GoToMyPC, or WebEX PCNow – just to name a few.

What do you think of all the issues surrounding Symantec and pcAnywhere? Share your thoughts below!

[via ComputerWorld]

Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet,  “Like” us on Facebook or add us to your circle on Google+.

No comments:

Post a Comment