Symantec on Tuesday took the dramatic step of advising customers of its secure communications product pcAnywhere to disable it, confirming that a 2006 data breach in which hackers stole its source code had led to a heightened risk of a successful attack.
The move follows ongoing taunts by an Anonymous-aligned hacker using the Twitter handle YamaTough, who claimed on 16 January that pcAnywhere's source code had been released to the blackhat hacking community for "0d" (zero day) exploiting.
Symantec's whitepaper addressing the threat of the disclosure clarified that products exposed in the 2006 breach included that year's versions of Norton Antivirus Corporate Edition, Norton Internet Security and Norton SystemWorks.
However, the only product at present that puts customers at increased risk is pcAnywhere, a standalone PC to PC communications product that currently supports 50,000 customers, Symantec told Reuters. It is also bundled with several Altiris enterprise products, while pcAnywhere Thin Host is bundled with a number of its backup and security products.
"At this time, Symantec recommends disabling the product until Symantec releases a final set of software updates that resolve currently known vulnerability risks," it said in its whitepaper.
It appears that some of those patches came Tuesday in the form of version 12.5.3, which addresses three known flaws in the 12.5.x versions that Symantec believed had not yet been exploited.
However, more patches were planned for the week, continuing until all known flaws are addressed, including those for 12.0 and 12.1, Symantec reported on its blog.
Still, anyone who has the source code remains a potential threat, it reported in its whitepaper, meaning they could exploit the product's encoding and encryption, leaving customer data and potentially credentials exposed to theft, depending on the network's configuration and whether or not other malicious software, such as a network sniffer, was operating in the environment.