Symantec has advised customers to take their copies of pcAnywhere offline as the company continues to struggle with the aftermath of a major data breach.
The company issued a whitepaper addressing new vulnerabilities in its remote access tool which have been exploited by a recently publicised attack which allowed attackers to gain access to the application's source code.
The 2006 hack was recently brought to light by an Indian hacking team which is seeking to publicly distribute the code.
Symantec has now determined that a major update is necessary to protect users from any flaws revealed in the compromised source code.
The company is advising users of pcAnywhere 12.5 to disable the remote management tool until an update is released.
"At this time, Symantec recommends disabling the product until Symantec releases a final set of software updates that resolve currently known vulnerability risks," the company said in the whitepaper.
"For customers that require pcAnywhere for business critical purposes, it is recommended that customers understand the current risks, ensure pcAnywhere 12.5 is installed, apply all relevant patches as they are released, and follow the general security best practices discussed herein."
If users do not take their copies of the tool offline, the company warned that attackers could possibly compromise systems and perform 'man in the middle' attacks which could result in the theft of user credentials and other network traffic.
The company has provided further analysis of the issue and best practices for securing pcAnywhere in the full whitepaper report.
Microsoft claims Check Point's methodology is all wrong - figure more like five million, not 250 million
Microsoft's explanation still raises as many questions as it answers
Wikileaks dumps info on 'Brutal Kangeroo', the CIA's malware toolkit for hacking 'air-gapped' networks
CIA's Brutal Kangeroo malware suite likened to Stuxnet
Commuters less than chuffed - many fined for not having a ticket