Symantec has dropped its warning against the use of pcAnywhere that was issued last week.

If you recall, a group of hackers claimed credit for stealing the source code for pcAnywhere and two older Symantec security applications. The claims caused Symantec to reexamine its server logs from a 2006 security incident, leading the security company to conclude that the source code theft indeed occurred.

Symantec then released a white paper where it recommended that businesses disable pcAnywhere until a final set of software updates were released to "resolve currently known vulnerability risks."

After a flurry of software updates, Symantec is now hinting that the fixes are adequate for businesses to continue using pcAnywhere. When quizzed by Computerworld, Symantec spokesman Brian Modena offered via email that, "At this time, Symantec recommends that customers ensure pcAnywhere 12.5 is installed, apply all relevant patches as they are released, and follow general security best practices." When pressed, Modena repeatedly declined to declare that a patched pcAnywhere installation is safe to use, however.

A number of unanswered questions remain. For one, Symantec's reticence in openly declaring pcAnywhere as "safe for business" is curious given the great deal of open source network-enabled software out there. Did parts of pcAnywhere rely on security through obscurity? Moreover, why did the security firm delay in releasing the security patches for pcAnywhere--and then rush to release it within a week when it realized that the source code has been compromised?

For now, Symantec says it will give a free update to customers using a version of pcAnywhere older than version 12, up to the latest 12.5. Requests should be sent via email to pcanywhere@symantec.com.

For more:
- check out this article at Computerworld
- check out this article at InformationWeek

Related Articles:
Symantec warns against use of pcAnywhere in wake of code theft
Symantec source code stolen; company plays down theft