Symantec uses Rootkit in Norton SystemWorks?!?

;D

Symantec Corp. has admitted to using a rootkit-type feature in Norton SystemWorks that could provide the perfect hiding place for attackers to place malicious files on computers.

The anti-virus vendor acknowledged that it was hiding a directory from Windows APIs as a feature to stop customers from accidentally deleting files but, prompted by warnings from security experts, the company shipped a SystemWorks update to eliminate the risk.

Symantec, of Cupertino, Calif., is the second commercial company caught in the flap over the use of rootkit-type techniques to hide files on computers. Rootkits are programs that are used to give a remote user access to a compromised system while avoiding detection from security scanners.


eWeek Security

Looks like a Sony/Symantec merger bid ;D notice how both begin with ‘s’ for snake, as in low down snake in the grass or s***

Another negative point to Symantec :stuck_out_tongue:
This is a bad antipiracy policy :frowning:

:stuck_out_tongue: ;D ;D ;D

yep have to agree as low as a snakes belly ;D all the s’s do fit :wink:

What does the Symantec issue have to do with antipiracy? :wink:

Avoiding simple copy of the install CD.
If I’m wrong, just correct me ::slight_smile:

I think those “rootkit features” was simply hiding of the Norton-Protected Recycle Bin folder (so that people couldn’t delete the files for real by accident, but have to use the “Empty Norton-Protected Recycle Bin” option). But I’m not really sure, I could be wrong as well.

It doesn’t see to be to stop copy of the CD, the only mention of that related to a reference to SONY’s use of a rootkit for DRM purpose.

From the article:

The anti-virus vendor acknowledged that it was hiding a directory from Windows APIs as a feature to stop customers from accidentally deleting files but, prompted by warnings from security experts, the company shipped a SystemWorks update to eliminate the risk.

Symantec wants to lend a hand with Vista security