Security vendor Symantec has admitted to using a rootkit-like technology in its Norton SystemWorks appliction.
The company admitted in a security advisory that the technology hides a directory from the user and the operating system.„Files in the directory might not be scanned during scheduled or manual virus scans. This could potentially provide a location for an attacker to hide a malicious file on a computer,” the vendor stated.
The technology aims to help the user recover files without running the risk of accidentally deleting them.„In light of current techniques used by malicious attackers, Symantec has re-evaluated the value of hiding this directory,” the advisory continued.
The security vendor has published an update that can be downloaded through Symantec LiveUpdate. The update requires a system reboot.
The firm emphasised that it is not aware of any attempts by hackers or worm authors to exploit the feature.
Symantec credited fellow security vendor F-Secure and software developer Mark Russinovich with finding the vulnerability.
Tom Sanders in California, vnunet.com 13 Jan 2006
Ah, ce de căcat se fac firmele mari când apeleaza la porcăriile astea.
