H. D. Moore of leading vulnerability scanner company Rapid7 has just determined that as many as 200,000 systems connected to the Internet could be hijacked by hackers exploiting bugs in Symantec’s pcAnywhere. Even worse for those in retail, up to 5,000 of those are running point-of-sale software on them.
Some patches have been released by Symantec to partially correct the issue, but if you are not keeping your pcAnywhere patched through maintenance agreements and you also have POS systems accessible using it you are highly vulnerable and need to consider disabling or uninstalling it right now, as even Symantec itself has suggested. Also, consider using this breach “near miss” as a launching point to get your PCI effort back on track and consider options that can be deployed rapidly as a complete PCI compliance solution.
More details here:
http://www.networkworld.com/news/2012/022212-researcher-200000-windows-pcs-vulnerable-256449.html
