Symantec Caught in Norton Rootkit Flap


Symantec Corp has fessed up to using a rootkit type feature in Norton SystemWorks that could provide the perfect hiding place for attackers to place malicious files on computers. The anti-virus vendor acknowledged that it was deliberately hiding a directory from Windows APIs as a feature to stop customers from accidentally deleting files but, prompted by warnings from security experts, the company shipped a SystemWorks update to eliminate the risk.

Symantec, of Cupertino, Calif., is the second commercial software vendor caught in the flap over the use of rootkit-type techniques to hide files on computers. Rootkits are programs that are used to give a remote user access to a compromised system while avoiding detection from security scanners. Symantec Caught in Norton 'Rootkit' Flap

Linked by shanmuga Wednesday, 11th January 2006 9:21PM