Even though software company Symantec released a patch for its pcAnywhere program after it was infiltrated by hackers, as many as 200,000 computers are still running the infected version, including thousands that may have access to credit card and other sensitive data. These numbers are according to Rapid7, which surveyed the Net for computers that were running unpatched versions of the software.
The hack into pcAnywhere is incredibly large in scope, and Symantec even advised users to remove the program entirely. That’s crazy. The company even admits that its patch may not be strong enough to prevent other vulnerabilities from being exposed. Rapid7 said that around 2.5% of the infected PCs that haven’t been patched are computers that act as point-of-sale systems in retail stores or other small businesses. That means they contain very sensitive information.
Symantec never revealed how many computers had installed pcAnywhere, so it’s unclear how many people did actually perform the patch, but Rapid7 chief security officer HD Moore said, “It seems the recent patches have been very much ignored.” Unfortunately, the outlook is not very optimistic. With that many exposed computers, there could be a massive breach of data, and it’s frightening that Symantec has so little control over what might happen. Perhaps we should all just keep our fingers crossed.