Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

About the pcAnywhere 12.5 SP4 and pcAnywhere Solution 12.6.7 Releases

Created: 10 Apr 2012 • Updated: 06 May 2013 | 7 comments
anguyen's picture
This issue has been solved. See solution.

Introduction

In January 2012, Symantec confirmed that pcAnywhere source code was exposed by hackers who posted the code publicly. At that time, Symantec responded with a hot fix to address immediate vulnerabilities. In addition, Symantec determined that the pcAnywhere security model required an update. This update secures pcAnywhere communications for the traditional pcAnywhere product as well as the pcAnywhere Solution, which is part of the Symantec Client Management Suite (CMS).

As a result of the security updates, this new version of pcAnywhere is not backward-compatible with, and will not connect to, older versions of pcAnywhere

Symantec recommends that customers install the latest version of pcAnywhere (12.5 SP4 or Solution 12.6.7) and follow general security best practices. The latest version of pcAnywhere includes all previous hot fixes and the updated security model.

For additional information visit go.symantec.com/sourcecode
 

pcAnywhere Access Server

Access Server is not supported by latest version of pcAnywhere. As a result of the source code being exposed, Symantec determined that Access Server is not secure for Internet-based remote control sessions. Since Access Server is not secure, the updated security model in the latest version of pcAnywhere does not allow communication with Access Server.

See the pcAnywhere Security Best Practices guide for risk scenarios and recommended security practices for using pcAnywhere and Access Server. In the absence of Access Server, Symantec recommends that you use VPN for Internet-based remote control sessions.

 

Upgrading to pcAnywhere 12.5 SP4
 

What should I do if my organization uses pcAnywhere?

Symantec recommends that customers install the latest version of pcAnywhere and follow general security best practices. The latest version of pcAnywhere includes all previous hot fixes and the updated security model.

For upgrade instructions, see the following article:

pcAnywhere 12.5 SP4 Release Notes
 

Features removed in pcAnywhere 12.5 SP4

In pcAnywhere 12.5 SP4 outdated product features were removed. The features listed below are no longer available in this version of pcAnywhere.

  • Access Server
  • Symantec pcAnywhere Web Remote
  • Symantec pcAnywhere Mobile
  • Symantec pcAnywhere CrossPlatform for Remote and Host
  • Symantec pcAnywhere Gateway
  • Host Assessment tool
  • Host Administrator tool
  • Package deployment tool
  • Web deployment tool
  • NetBIOS and SPX connection type support
  • Support for all authentication types except pcAnywhere, NT, and AD for Windows/pcAnywhere and Apple Open Directory for Mac/pcAnywhere and Linux PAM for Linux
  • Option for making passwords case sensitive on the Security Options tab of Host Properties dialog box
  • Option to deploy thin host if host is not present on pcAQuick Connect dialog box
  • Encryption tab on pcAnywhere options dialog box

Documentation for pcAnywhere 12.5 SP4

 

Document title

Description

URL

pcAnywhere  12.5 SP4 Release Notes

The Release Notes contain information about what's new in this release, installation and upgrade information, system requirements, and fixed and known issues of this release.

www.symantec.com/docs/DOC5352

pcAnywhere Security Best Practices Guide

The pcAnywhere Security Best Practices Guide contains information on the enhanced security changes, how key areas of these enhancements work, and some of the steps that users should take to reduce security risks.

www.symantec.com/docs/DOC5475

Technical White Paper: 

Symantec pcAnywhere Security Recommendations

The Technical White Paper on pcAnywhere Security Recommendations contains general information about security best practices for pcAnywhere.

www.symantec.com/content/en/us/enterprise/white_papers/b-pcanywhere-security-recommendations-WP.pdf

pcAnywhere  12.5 SP4 User Guide

The User Guide contains conceptual and task-based information on the features of pcAnywhere.

www.symantec.com/docs/DOC5335

pcAnywhere  12.5 SP4 Administrator Guide

The Administrator Guide contains details about the creation and deployment of custom installation packages, using Symantec Packager, centralized logging, integration with directory services, and managing security.

www.symantec.com/docs/DOC5336

 

pcAnywhere 12.5 SP4 Getting Started Guide

The Getting Started Guide provides information about the tools and components of pcAnywhere and helps you get started with the installation of the product.

www.symantec.com/docs/DOC5347

Upgrading to pcAnywhere Solution 12.6.7
 

What should I do if my organization uses pcAnywhere?

Symantec recommends that customers install the latest version of pcAnywhere Solution and follow general security best practices. The latest version of pcAnywhere Solution includes all previous hot fixes and the updated security model.

Before upgrading please note that this version of pcAnywhere Solution changes the pcAnywhere security model. Security changes in this version of pcAnywhere are not backward-compatible and do not support connections to prior software versions.

For upgrade instructions, see the following article:

pcAnywhere Solution 12.6.7 Release Notes
 

Documentation for pcAnywhere Solution 12.6.7

 

Document title

Description

URL

pcAnywhere Solution 12.6.7 Release Notes

The Release Notes contain information about what's new in this release, installation and upgrade information, system requirements, and fixed and known issues of this release.

www.symantec.com/docs/DOC5350

pcAnywhere Security Best Practices Guide

The pcAnywhere Security Best Practices Guide contains information on the enhanced security changes, how key areas of these enhancements work, and some of the steps that users should take to reduce security risks.

www.symantec.com/docs/DOC5475

Technical White Paper: 

Symantec pcAnywhere Security Recommendations

The Technical White Paper on pcAnywhere Security Recommendations contains general information about security best practices for pcAnywhere.

www.symantec.com/content/en/us/enterprise/white_papers/b-pcanywhere-security-recommendations-WP.pdf

pcAnywhere Solution 12.6.7 User Guide

The User Guide contains conceptual and task-based information on the features of pcAnywhere Solution.

www.symantec.com/docs/DOC5394

 

Comments 7 CommentsJump to latest comment

nicoled18's picture

Is it safe to say that these versions address all of the security risks/exposures from the previous source code hack?

anguyen's picture

Hi,

I can't confirm your question. Please go to the following web page for the latest information about the pcAnywhere update:

go.symantec.com/sourcecode

cb payne's picture

This showed up as a update to my v7.0SP5 installation this morning.  I applied the update and it completely took down PCA in the console and otherwise.

SIM improperly identifies this update as being capable of being applied to v7.0 SMPs.

I had to remove the new solution and revert back to 12.5 SP2 in order to restore services.

nlyons's picture

CB Payne,  Thank you for calling this out.  The new version of pcAnywhere no longer shows up as available in SIM if you are using ITMS/CMS 7.0.

altiriscomau's picture

After update we can no loner remote machines and machines are getting pop-up upon login, "Pcanshost.bhf File Is Not A Valid Pcanywhere File"

No way to uninstall once you implement it.  Need fixed!

nlyons's picture

altiriscomau,

As mentioned above, this issue is currently being tracked on a seperate forum discussion:

http://www.symantec.com/connect/forums/pcanshostbh...

That thread lists a kb article as a potential workaround for importing bhf files (http://www.symantec.com/docs/HOWTO75111).