All the latest UK technology news, reviews and analysis

Symantec caught using rootkit technology

by Tom Sanders in California

13 Jan 2006

Comment: 1

  • Tweet this

Security vendor Symantec has admitted to using a rootkit-like technology in its Norton SystemWorks appliction.

The company admitted in a security advisory that the technology hides a directory from the user and the operating system.

Further reading

"Files in the directory might not be scanned during scheduled or manual virus scans. This could potentially provide a location for an attacker to hide a malicious file on a computer," the vendor stated.

The technology aims to help the user recover files without running the risk of accidentally deleting them.

"In light of current techniques used by malicious attackers, Symantec has re-evaluated the value of hiding this directory," the advisory continued.

The security vendor has published an update that can be downloaded through Symantec LiveUpdate. The update requires a system reboot.

The firm emphasised that it is not aware of any attempts by hackers or worm authors to exploit the feature.

Symantec credited fellow security vendor F-Secure and software developer Mark Russinovich with finding the vulnerability. 

Do you agree?

Add your comment

Symantec

I am sure that I am not by any means alone in being unsurprised by your article on Symantec. This leads me to ask how many other frustrated peolple there are out there who have purchased products from Symantec by downloading, only to have problems with rejection on the grounds that the subscription is expired even though one's card has been debited. The Support Site is both frustrating and unhelpful.Having used the excellent Nortons for years, I will never again purchase these products by download off the web.

Posted by: Tarrant Green 05 Jul 2006

Add your comment
 

Add your comment

We won't publish your address
By submitting a comment you agree to abide by our Terms & Conditions. Your comment will be moderated before publication.
Submit your comment

Latest stories from Security

data-security-key

Thousands of public encryption keys found to offer no security

Related white papers

Related articles

Related jobs

Today's top stories

Web blocking. Content owners want to stop copyright infringement

Music file-sharing site taken offline by UK Serious Organised Crime Agency

Mozilla Firefox logo

Mozilla adds Android and security updates to Firefox roadmap

Acer Aspire S3 Ultrabook

Acer Aspire S3 ultrabook review

Poll

IT priorities for 2012

What is the most important IT priority for your company this year?

99%

0%

1%

0%

0%

Features

V3 and The INQUIRER editor Madeline Bennett

BBC and Sky News show tough love with Twitter policies

V3's Rosalie Marshall

World indulges in a Facebook facts fest as firm prepares to float

facebook-new

Top five most interesting figures from Facebook’s IPO

Khidr headshot

Intel will prove Steve Jobs wrong in the mobile market

More features

Connect with V3.co.uk

Sign up to our daily or weekly newsletters

Case studies and reports

Accurev

Top 5 software development challenges

This paper focuses on a series of best practices and techniques for development teams looking to improve their software development processes

Talend

Rubbish in, rubbish enterprise

Why good data management at all levels is essential in the modern business (video, 6mins)

Technology jobs

Information Security Manager

My client is a well established, non profit organisation;...

PHP Web Developer

PHP Web Developer – £30,000 - £35,000 PHP, MySQL, HTML...

HEAD OF DIGITAL - London - £80-95K+

HEAD OF DIGITAL - London - £80-95K + Excellent Bens...

Agile C# Developer - (North London)

Agile C# Developer - (North London) £55,000 - £65,000...

To send to more than one email address, simply separate each address with a comma.