Friday, January 13, 2006

Symantec Plants “Rootkit” on Customers Systems

It was discovered this week that Symantec’s Norton SystemWorks plants a “rootkit-type” hidden directory as part of it’s install. According to an article in eWeek, Symantec has released a patch to expose the directory so that it will become visible. After the flap over Sony’s DRM rootkit you would think that vendors would abandon this practice. If Symantec is doing this I wonder how many other vendors consider this a good practice?

Rootkits consists of files and directories that are hidden from your operating systems. Since they are hidden they don’t get scanned by your antivirus and spy ware programs. If someone compromises your system and places files in this directory you will not know that they are there and at that point your computer is not yours any more. This is “bad practice” and ought not be tolerated by the industry at all. EVER!

Wouldn?t’ you think that Symantec would know better?

If you are running Symantec’s Norton SystemWorks make sure you run LiveUpdate to patch your system.

Posted by Stevereno on 01/13 at 01:36 PM
(0) Comments Permalink