Symantec statement on source code release and our opinion
We have reviewed the below statement from Symantec and while we are alerting you around this information it is our belief we do not have any current customers who are at risk. If you have any questions or would like for us to do an additional review of your environment, please contact our helpdesk at 770.514.1640 or help@ajcomputers.com.
Statement from Symantec Corporate
In an effort to keep you up-to-date on the unfolding events surrounding the
Symantec source code disclosure, further investigation of the claims made by
Anonymous brings us to believe that the disclosure was the result of a theft of
source code that occurred in 2006. Since 2006, Symantec has instituted a number
of policies and procedures to prevent a similar incident from occurring.
Affected products include:
- Norton Antivirus Corporate
Edition - Norton Internet Security
- Norton SystemWorks (Norton
Utilities and Norton GoBack) - pcAnywhere 12.0, 12.1 and 12.5
- Symantec Endpoint Protection
v11.0, which is four years old - Symantec AntiVirus v10.2, which
is five years old code, and a product that has been discontinued
Due to the age of the exposed source code,
except as specifically noted below, Symantec customers – including those
running Norton products — should not be in any increased danger of cyber
attacks resulting from this incident.
Customers of Symantec’s pcAnywhere product may face a slightly increased security
risk as a result of this exposure. Symantec is currently in the process of
reaching out to our pcAnywhere customers to make them aware of the situation
and to provide remediation steps to maintain the protection of their devices
and information.
How you can help customers using Norton Antivirus Corporate Edition, Norton
Internet Security, or Norton SystemWorks (Norton Utilities and Norton GoBack)
By keeping your customers’ solutions and virus definitions updated to the
latest version, you will help ensure protection against any new possible
threats that might result from this incident. Additional steps to take include
confirming that your customers are following best practices for protection
technology settings: tamper protection and IPS technologies defend against
vulnerabilities. Also consider enabling the uninstall password feature. This
helps prevents malware or other software from uninstalling Symantec AntiVirus
v10.2 or Symantec Endpoint Protection v11.0.
How you can help customers using pcAnywhere
As always with any remote control product (such as pcAnywhere), it is extremely
important that best practices are followed regarding physical security,
endpoint security, network perimeter security and secure remote access. For
example, all computers should have an endpoint protection technology installed
that is current and up-to-date. Corporate firewalls should not allow inbound or
outbound access to pcAnywhere without using VPN tunnels. Unauthorized
individuals should not be permitted on company property. Additionally,
companies should employ best practices when it comes to the configuration of
pcAnywhere – e.g. password strength, password retry limits, and requiring the
user to approve remote connections.
Symantec is committed to eliminating the increased risk as a result of the
exposure. In addition to a partner FAQ, we will also provide a technical white
paper that addresses initial remediation steps and issue maintenance patches as
a final step.
Given the nature of this ongoing investigation, we have no further details to
disclose at this time but will provide updates as we confirm additional facts.
For general information updates, please visit go.symantec.com/sourcecode.
For specific questions, please contact your Symantec account representative or
reference the partner FAQ or technical white paper being made available to you
via your partner account manager.
