Is capicom.dll required for pcAnywhere functionality
|Article:TECH209758|||||Created: 2013-08-19|||||Updated: 2013-09-12|||||Article URL http://www.symantec.com/docs/TECH209758|
According to a Microsoft Security Bulletin MS07-028 Capicom has a potential vulnerability. http://technet.microsoft.com/en-us/security/bulletin/ms07-028
pcAnywhere uses Capicom.dll for smart card authentication. Symantec recommends applying the update, attached to this tech article, to all installations of pcAnywhere and pcAnywhere Solution. The script removes an old version of the Microsoft file, capicom.dll, that is no longer supported for updates by Microsoft and could be potentially vulnerable.
Though this file is present in the product, it is not used by pcAnywhere 12.5 SP4 and newer versions, or by any version of pcAnywhere Solution. As this file presents a potential security risk, Symantec recommends using the available script to remove it. This recommendation is a precautionary best practice. There are no known exploits of pcAnywhere as a result of this outdated file and they are unlikely as it is not an active component of the product features and does not accept external input.
The host files from pcAnywhere Box 12.x and pcAnywhere solution 12.x installed in a Windows environment. Remote only installations do not contain capicom.dll.
Capicom.dll is used in the smart card authentication.
If smart card authentication is not in use in the box version, pcAnywhere 12.5 SP3 or earlier, capicom.dll can be deleted with out negatively impacting the performance of the other features of pcAnywhere. Likewise, removing capicom.dll from pcAnywhere 12.5 SP4 or later, and all versions of pcAnywhere Solution causes no adverse functionality as they do not have smart card authentication as an option.
The attached VB script is a sample of what could be used to help automate the removal of the capicom.dll files and is provided as is.
Article URL http://www.symantec.com/docs/TECH209758