Symantec caught using rootkit technology

Security vendor Symantec has admitted to using a rootkit-like technology in its Norton SystemWorks appliction.

The company admitted in a security advisory that the technology hides a directory from the user and the operating system.

"Files in the directory might not be scanned during scheduled or manual virus scans. This could potentially provide a location for an attacker to hide a malicious file on a computer," the vendor stated.

The technology aims to help the user recover files without running the risk of accidentally deleting them.

"In light of current techniques used by malicious attackers, Symantec has re-evaluated the value of hiding this directory," the advisory continued.

The security vendor has published an update that can be downloaded through Symantec LiveUpdate. The update requires a system reboot.

The firm emphasised that it is not aware of any attempts by hackers or worm authors to exploit the feature.

Symantec credited fellow security vendor F-Secure and software developer Mark Russinovich with finding the vulnerability. 

• Silicon Valley Sleuth: Rootkits all over again
• 2005 Review of the Year: Sony BMG

See also:

Sony BMG settles rootkit lawsuit

Free downloads or your money back  09 Jan 2006

Rootkits storm malware chart

Malware turns even more nefarious  08 Dec 2005

RIAA praises Sony over rootkit debacle

Sony BMG has 'behaved responsibly' throughout, claims Cary Sherman  21 Nov 2005

Amazon recalls rootkit XCP Sony CDs

Online retailer offers to replace all 'defective' CDs  19 Nov 2005

Sony rootkit accused of licence violation

Nightmare darkens for troubled record label  18 Nov 2005

Virus writers exploit Sony DRM

Sony doomsday scenario becomes reality  10 Nov 2005

Rootkit creators turn professional

Dodging the virus shield becomes big business as authors 'outsource' malware creation  19 Oct 2005

Like this story? Spread the news by clicking below:

 del.icio.us     Digg this     reddit!