PCMag editors select and review products independently. If you buy through affiliate links, we may earn commissions, which help support our testing.

PCMag UK

Symantec Warns Users to Disable pcAnywhere

Sara Yin
 & Sara Yin Junior software analyst

Our team tests, rates, and reviews more than 1,500 products each year to help you make better buying decisions and get more from technology.

Our Expert
LOOK INSIDE PC LABS HOW WE TEST
65 EXPERTS
43 YEARS
41,500+ REVIEWS

Symantec pcAnwhere for SW

Symantec has warned users of its remote access tool, pcAnywhere, to disable the product until it patches vulnerabilities related to the 2006 theft of source code by hacktivist group, Anonymous.

pcAnwyhere, originally a product of Peter Norton Computing, is a tool that gives enterprise users remote access to their PCs. It is sold individually or bundled in Altiris Client Management Suite, Altiris IT Management Suite versions 7.0 or later, and Altiris Deployment Solution with Remote v7.1.

"Upon investigation of the claims made by Anonymous regarding source code disclosure, Symantec believes that the disclosure was the result of a theft of source code that occurred in 2006," the company wrote in a white paper.

Recommended by Our Editors

Amazon’s Memorial Day Sale Is Still Live With Up to 50% Off Headphones, Monitors, TVs, and More
Amazon’s Memorial Day Sale Is Still Live With Up to 50% Off Headphones, Monitors, TVs, and More
Readers’ Choice 2026: The Best and Worst ISPs, Ranked by You
Readers’ Choice 2026: The Best and Worst ISPs, Ranked by You
Amazon’s Memorial Day Sale Ends in a Few Hours With Up to 50% Off Headphones, Monitors, TVs, and More
Amazon’s Memorial Day Sale Ends in a Few Hours With Up to 50% Off Headphones, Monitors, TVs, and More

"Symantec recommends disabling the product until Symantec releases a final set of software updates that resolve currently known vulnerability risks," it added. At worst, the company warned, malicious users with access to the source code can build new exploits for man-in-the-middle attacks, which can expose authentication and session information.

If customers choose to ignore the risks, Symantec recommends ensuring you have the latest version 12.5 installed. My colleague Neil Rubenking pointed out that source code for productivity tools does not necessarily change at least once a year, as it does for anti-virus products, hence there could be users running six-year-old source code.  

This is the second time in a month when a Symantec acquisition has fallen into trouble over source code theft. In early January, Symantec confirmed that source code used in its older enterprise antivirus products was stolen. Hacker group the "Lords of Dharmaraja" of India had threatened to publish the code online. Although the code dated back to 1999, security expert Alex Horan of CORE Security Technologies said there was still potential for harm. 

"Even if the anti-virus source code stolen from Symantec were several years old, it could possibly still be relevant to current software," he wrote in a blog post. "A criminal could conceivably leverage the source code to better understand how their anti-virus scanner emulates files and binaries to look for threats." 

About Our Expert

Sara Yin

Sara Yin

Junior software analyst

Sara Yin is a junior analyst in the Software, Internet, and Networking group at PCmag.com, pouring most of her energy into app testing and security matters at Security Watch with Neil Rubenking. She lies awake at night pondering the state of mobile security (half-true). Prior to joining PCMag.com, Sara spent five years reporting for publications in New York City (Huffington Post), Hong Kong (South China Morning Post), and Singapore (Campaign Asia, Men's Health). Follow her on Twitter at @SecurityWatch and @sarapyin, or contact her the old school way: email. That's sara_yin AT pcmag.com.

Read the latest from Sara Yin

Read full bio