IT Management Suite Documentation

 View Only
  • 1.  About the pcAnywhere 12.5 SP4 and pcAnywhere Solution 12.6.7 Releases

    Posted Apr 10, 2012 04:31 PM

    Introduction

    In January 2012, Symantec confirmed that pcAnywhere source code was exposed by hackers who posted the code publicly. At that time, Symantec responded with a hot fix to address immediate vulnerabilities. In addition, Symantec determined that the pcAnywhere security model required an update. This update secures pcAnywhere communications for the traditional pcAnywhere product as well as the pcAnywhere Solution, which is part of the Symantec Client Management Suite (CMS).

    As a result of the security updates, this new version of pcAnywhere is not backward-compatible with, and will not connect to, older versions of pcAnywhere

    Symantec recommends that customers install the latest version of pcAnywhere (12.5 SP4 or Solution 12.6.7) and follow general security best practices. The latest version of pcAnywhere includes all previous hot fixes and the updated security model.

    For additional information visit go.symantec.com/sourcecode
     

    pcAnywhere Access Server

    Access Server is not supported by latest version of pcAnywhere. As a result of the source code being exposed, Symantec determined that Access Server is not secure for Internet-based remote control sessions. Since Access Server is not secure, the updated security model in the latest version of pcAnywhere does not allow communication with Access Server.

    See the pcAnywhere Security Best Practices guide for risk scenarios and recommended security practices for using pcAnywhere and Access Server. In the absence of Access Server, Symantec recommends that you use VPN for Internet-based remote control sessions.

     

    Upgrading to pcAnywhere 12.5 SP4
     

    What should I do if my organization uses pcAnywhere?

    Symantec recommends that customers install the latest version of pcAnywhere and follow general security best practices. The latest version of pcAnywhere includes all previous hot fixes and the updated security model.

    For upgrade instructions, see the following article:

    pcAnywhere 12.5 SP4 Release Notes
     

    Features removed in pcAnywhere 12.5 SP4

    In pcAnywhere 12.5 SP4 outdated product features were removed. The features listed below are no longer available in this version of pcAnywhere.

    • Access Server
    • Symantec pcAnywhere Web Remote
    • Symantec pcAnywhere Mobile
    • Symantec pcAnywhere CrossPlatform for Remote and Host
    • Symantec pcAnywhere Gateway
    • Host Assessment tool
    • Host Administrator tool
    • Package deployment tool
    • Web deployment tool
    • NetBIOS and SPX connection type support
    • Support for all authentication types except pcAnywhere, NT, and AD for Windows/pcAnywhere and Apple Open Directory for Mac/pcAnywhere and Linux PAM for Linux
    • Option for making passwords case sensitive on the Security Options tab of Host Properties dialog box
    • Option to deploy thin host if host is not present on pcAQuick Connect dialog box
    • Encryption tab on pcAnywhere options dialog box

    Documentation for pcAnywhere 12.5 SP4

     

    Document title

    Description

    URL

    pcAnywhere  12.5 SP4 Release Notes

    The Release Notes contain information about what's new in this release, installation and upgrade information, system requirements, and fixed and known issues of this release.

    www.symantec.com/docs/DOC5352

    pcAnywhere Security Best Practices Guide

    The pcAnywhere Security Best Practices Guide contains information on the enhanced security changes, how key areas of these enhancements work, and some of the steps that users should take to reduce security risks.

    www.symantec.com/docs/DOC5475

    Technical White Paper: 

    Symantec pcAnywhere Security Recommendations

    The Technical White Paper on pcAnywhere Security Recommendations contains general information about security best practices for pcAnywhere.

    www.symantec.com/content/en/us/enterprise/white_papers/b-pcanywhere-security-recommendations-WP.pdf

    pcAnywhere  12.5 SP4 User Guide

    The User Guide contains conceptual and task-based information on the features of pcAnywhere.

    www.symantec.com/docs/DOC5335

    pcAnywhere  12.5 SP4 Administrator Guide

    The Administrator Guide contains details about the creation and deployment of custom installation packages, using Symantec Packager, centralized logging, integration with directory services, and managing security.

    www.symantec.com/docs/DOC5336

     

    pcAnywhere 12.5 SP4 Getting Started Guide

    The Getting Started Guide provides information about the tools and components of pcAnywhere and helps you get started with the installation of the product.

    www.symantec.com/docs/DOC5347


    Upgrading to pcAnywhere Solution 12.6.7
     

    What should I do if my organization uses pcAnywhere?

    Symantec recommends that customers install the latest version of pcAnywhere Solution and follow general security best practices. The latest version of pcAnywhere Solution includes all previous hot fixes and the updated security model.

    Before upgrading please note that this version of pcAnywhere Solution changes the pcAnywhere security model. Security changes in this version of pcAnywhere are not backward-compatible and do not support connections to prior software versions.

    For upgrade instructions, see the following article:

    pcAnywhere Solution 12.6.7 Release Notes
     

    Documentation for pcAnywhere Solution 12.6.7

     

    Document title

    Description

    URL

    pcAnywhere Solution 12.6.7 Release Notes

    The Release Notes contain information about what's new in this release, installation and upgrade information, system requirements, and fixed and known issues of this release.

    www.symantec.com/docs/DOC5350

    pcAnywhere Security Best Practices Guide

    The pcAnywhere Security Best Practices Guide contains information on the enhanced security changes, how key areas of these enhancements work, and some of the steps that users should take to reduce security risks.

    www.symantec.com/docs/DOC5475

    Technical White Paper: 

    Symantec pcAnywhere Security Recommendations

    The Technical White Paper on pcAnywhere Security Recommendations contains general information about security best practices for pcAnywhere.

    www.symantec.com/content/en/us/enterprise/white_papers/b-pcanywhere-security-recommendations-WP.pdf

    pcAnywhere Solution 12.6.7 User Guide

    The User Guide contains conceptual and task-based information on the features of pcAnywhere Solution.

    www.symantec.com/docs/DOC5394

     



  • 2.  RE: About the pcAnywhere 12.5 SP4 and pcAnywhere Solution 12.6.7 Releases

    Posted Apr 10, 2012 04:48 PM

    Is it safe to say that these versions address all of the security risks/exposures from the previous source code hack?



  • 3.  RE: About the pcAnywhere 12.5 SP4 and pcAnywhere Solution 12.6.7 Releases

    Posted Apr 10, 2012 06:38 PM

    Hi,

    I can't confirm your question. Please go to the following web page for the latest information about the pcAnywhere update:

    go.symantec.com/sourcecode



  • 4.  RE: About the pcAnywhere 12.5 SP4 and pcAnywhere Solution 12.6.7 Releases

    Posted Apr 12, 2012 11:25 AM

    This showed up as a update to my v7.0SP5 installation this morning.  I applied the update and it completely took down PCA in the console and otherwise.

    SIM improperly identifies this update as being capable of being applied to v7.0 SMPs.

    I had to remove the new solution and revert back to 12.5 SP2 in order to restore services.



  • 5.  RE: About the pcAnywhere 12.5 SP4 and pcAnywhere Solution 12.6.7 Releases
    Best Answer

    Posted Apr 18, 2012 02:50 PM

    CB Payne,  Thank you for calling this out.  The new version of pcAnywhere no longer shows up as available in SIM if you are using ITMS/CMS 7.0.



  • 6.  RE: About the pcAnywhere 12.5 SP4 and pcAnywhere Solution 12.6.7 Releases

    Posted Apr 19, 2012 01:15 PM

    A few users including me are having problems with clients after installing the update, see http://www.symantec.com/connect/forums/pcanshostbhf-file-not-valid-pcanywhere-file for more details.



  • 7.  RE: About the pcAnywhere 12.5 SP4 and pcAnywhere Solution 12.6.7 Releases

    Posted Apr 29, 2012 12:37 PM

    After update we can no loner remote machines and machines are getting pop-up upon login, "Pcanshost.bhf File Is Not A Valid Pcanywhere File"

    No way to uninstall once you implement it.  Need fixed!



  • 8.  RE: About the pcAnywhere 12.5 SP4 and pcAnywhere Solution 12.6.7 Releases

    Posted Apr 30, 2012 12:30 PM

    altiriscomau,

    As mentioned above, this issue is currently being tracked on a seperate forum discussion:

    http://www.symantec.com/connect/forums/pcanshostbhf-file-not-valid-pcanywhere-file 

    That thread lists a kb article as a potential workaround for importing bhf files (http://www.symantec.com/docs/HOWTO75111).