Shamus_McFartfinger Posted January 13, 2006 Posted January 13, 2006 http://www.vnunet.com/vnunet/news/2148516/...-caught-rootkit Sony BMG saga all over again? Tom Sanders in California, vnunet.com 13 Jan 2006 Security vendor Symantec has admitted to using a rootkit-like technology in its Norton SystemWorks appliction. The company admitted in a security advisory that the technology hides a directory from the user and the operating system. "Files in the directory might not be scanned during scheduled or manual virus scans. This could potentially provide a location for an attacker to hide a malicious file on a computer," the vendor stated. The technology aims to help the user recover files without running the risk of accidentally deleting them. "In light of current techniques used by malicious attackers, Symantec has re-evaluated the value of hiding this directory," the advisory continued. The security vendor has published an update that can be downloaded through Symantec LiveUpdate. The update requires a system reboot. The firm emphasised that it is not aware of any attempts by hackers or worm authors to exploit the feature. Symantec credited fellow security vendor F-Secure and software developer Mark Russinovich with finding the vulnerability.
Wheatking Posted January 13, 2006 Posted January 13, 2006 Super, now I have to worry about my anti-virus program screwing up my computer which, ironically, is what it is suppsed to prevent in the 1st place.
zacoz Posted January 14, 2006 Posted January 14, 2006 Wouldn't be surprised if a number of other system applications do similar - whether they own up to it themselves or not is the question.
dbminter Posted January 21, 2006 Posted January 21, 2006 Here's the funny thing... NProtect has always been visible on MY system... it isn't when the option to hide system files is turned on, which I always turn off as part of basic systems install.
Recommended Posts