Jaa


If you use Symantec Products, Read Me

Ned here again, with a public service announcement similar to the previous one we did for RSA as it implicitly affects so many Microsoft customers. Symantec has announced:

Symantec can confirm that a segment of its source code has been accessed. Upon investigation of the claims made by Anonymous regarding source code disclosure, Symantec believes that the disclosure was the result of a theft of source code that occurred in 2006.

Read the rest here: https://www.symantec.com/theme.jsp?themeid=anonymous-code-claims&inid=us_ghp_banner1_anonymous

Older versions of their security products appear to be safe as long as you were maintaining patching (as always with early announcements, return to make sure this story doesn’t change). However, but if you use PCAnywhere you must update (for free) to a patched version of 12.5 immediately. It goes without saying if you were using PCAnywhere prior to this announcement, you should commence auditing your remote access. Symantec isn’t clowning around here, their actual guidance is that you should not allow PCAnywhere external access to your corporate network at all :

Customers should block pcAnywhere assigned ports (5631, 5632) on Internet facing network connections, or shut off port forwarding of these ports. Blocking these ports will help ensure that an outside entity will not have access to pcAnywhere through these ports, and will help ensure that the use of pcAnywhere remains within the confines of the corporate network.

Which kind of defeats the purpose as I understand it, but whatever.

- Ned “get to it” Pyle