[CCoE Notice] [Security] MS-ISAC CYBER SECURITY ADVISORY - Vulnerability in Symantec pcAnywhere - RISK: HIGH (fwd)
Charles John Young Jr.
cjyoung at EGR.UH.EDU
Thu Jan 26 11:02:19 CST 2012
To all Cullen College computer users:
pcAnywhere is an older software program used to provide remote access to
computer systems. This software has not been used in the College for many
years. However, it is always possible that some of you may have used this
on legacy systems, or older personal systems. If so, please pay careful
attention to this advisory.
If you know of any systems using pcAnywhere, or if you are not sure,
please contact either Kiet Luong or me so that we can take appropriate
steps to safeguard your computers before they are compromised.
John Young
Engineering Computing
---------- Forwarded message ----------
Date: Thu, 26 Jan 2012 09:37:55 -0600
From: "Dickerson, Mary E" <MDickerson at UH.EDU>
To: TPP-ISO at LISTSERV.UH.EDU
Subject: [TPP-ISO] FW: [Security] MS-ISAC CYBER SECURITY ADVISORY -
Vulnerability in Symantec pcAnywhere - RISK: HIGH
Campus ISOs – If any of your areas are utilizing PCAnywhere, please be aware
of the following security advisory and take appropriate action as soon as
possible.
Here is a link to a Computerworld article with more information:http://www.computerworld.com/s/article/9223725/Threatened_by_Anonymous_Syma
ntec_tells_users_to_pull_pcAnywhere_s_plug
Mary
Mary E. Dickerson, MBA, CISSP, CISM, PMP
Executive Director, IT Security
Chief Information Security Officer
University of Houston | University of Houston System
phone: 832-842-4679
email: mdickerson at uh.edu
From: security-bounces+mdickerson=uh.edu at lists.state.tx.us
[mailto:security-bounces+mdickerson=uh.edu at lists.state.tx.us] On Behalf Of
Luevano, Ana
Sent: Thursday, January 26, 2012 8:58 AM
To: security-officer at lists.state.tx.us; security at lists.state.tx.us;
irapc at lists.state.tx.us
Subject: [Security] MS-ISAC CYBER SECURITY ADVISORY - Vulnerability in
Symantec pcAnywhere - RISK: HIGH
Importance: High
MULTI-STATE INFORMATION SHARING AND ANALYSIS CENTER CYBER SECURITY ADVISORY
Symantec has released a statement indicating that users should not use
pcAnywhere or at minimum block the ports used by pcAnywhere at the
perimeter. This is due to a breach in which the source code for various
products was stolen. Symantec indicated that pcAnywhere is the only product
that has not been fixed since the breach. There is a potential for
additional vulnerabilities to be exploited due to this breach.
SYSTEMS AFFECTED:
· pcAnywhere 12.5.3
· pcAnywhere 12.5 SP1
· pcAnywhere 12.5
· pcAnywhere 12.1
· pcAnywhere 12.0
Symantec has released a Hot Fix that mitigates the issue in version 12.5 of
the software. If the application is configured to receive updates via
LiveUpdate, this update will be automatically applied to each vulnerable
system when LiveUpdate is run. Information regarding this hot fix can be
obtained from the followingsite: http://www.symantec.com/business/support/index?page=content&id=TECH17
9526
Symantec also plans on releasing fixes that will mitigate the issue in
versions 12.1 and 12.0 as well. However, no fixes are available for these
versions at this time.
Symantec has released a statement indicating that users should not use
pcAnywhere or at minimum block the ports used by pcAnywhere at the
perimeter. This is due to a breach in which the source code for various
products was stolen. Symantec indicated that pcAnywhere is the only product
that has not been fixed since the breach. There is a potential for
additional vulnerabilities to be exploited due to this breach.
More information about the Engi-Dist
mailing list