In a shocking revelation, a researcher at Rapid7 has claimed that approximately 200,000 systems worldwide with Internet connectivity could be hijacked by cyber criminals exploiting vulnerabilities present in the security vendor Symantec's popular product pcAnywhere.
The disclosure was made less than a month after Symantec issued a warning to all pcAnywhere users asking them to either disable or completely uninstall the software as hackers had laid their hands on its source code.
Almost a week later, the company announced that all vulnerabilities were patched, but refrained from confirming the safety of reinstalling pcAnywhere.
Rapid7 claims that despite being issued the warning and the subsequent patching of all vulnerabilities in the programme, there were still 150,000 to 200,000 customers who were using the unpatched copy of pcAnywhere. It further stated that the systems running the unpatched copy of the programme could fall victim to large scale cyber attacks with serious consequences.
"These [point-of-sale] systems are an attractive target for break-in... There are a lot [of PCs] that haven't been updated. It seems the recent patches have been very much ignored," HD Moore, chief security officer at Rapid7, as reported by PC Advisor.