Slashdot Mirror

← Back to Stories (view on slashdot.org)

Rootkit-like Feature Found in Norton Systemworks

Posted by Zonk on from the i'm-helping-i'm-helping dept.

GenieGenieGenie writes "eWeek reports a rootkit-like 'feature' in Symantec's Norton Systemworks, discovered by the Mark Russinovich, who was also responsible for blowing the whistle on Sony's DRM rootkit. The cloaked directory is intended to prevent users from accidentally deleting important files, but could compromise a system by serving as a hiding place for malware, as was the case with Sony's rootkit. Russinovich says Symantec had good intentions, but they were right to post an update to fix this hole."

8 of 221 comments (clear)

  1. norton by fireiceviperhotmail. · · Score: 1, Funny

    I just think its ridicules to hide stuff for me on MY Computer.

    Julien. http://free.hostdepartment.com/8/81fortune/

  2. Deleting files by gr8_phk · · Score: 3, Funny

    They did it so users couldn't accidentally delete important files?? Sure would be nice if there was such thing as "root" on Windows so you could have files that every day users couldn't delete...

  3. $sys$Nothing 2 see here. Please move along.htm.pif by Anonymous Coward · · Score: 2, Funny
    I don't see any problem here at all.

    Heh, my "confirm you're not a script" image is "sanity."

  4. I always knew... by Chaos1 · · Score: 2, Funny

    I always knew that Norton guy was shady. Just look at the smug picture on the back of his books and other products. Plus he went and trademarked his name.

    --
    I only need the Preview button when I haven't used the Preview button.
  5. Re:Rootkits are big now by IngramJames · · Score: 2, Funny

    I found this interesting site the other day when looking for a rootkit detector: www.rootkit.com

    Dude, you slashdotted a rootkit (detection?) site.

    Somewhere there's irony in that.

    --
    'No rational religion claims "supernatural" exists, that's an atheist slander.' - seen on slashdot.
  6. Re:steps by stunt_penguin · · Score: 2, Funny

    10.
    teach
    user
    how
    to
    use
    BR
    tags
    .

    --
    When the posters fear their moderators, there is tyranny; when the moderators fears the posters, there is liberty.
  7. Where was that place? by Evil+Closet+Monkey · · Score: 2, Funny
    Russinovich says Symantec had good intentions, but they were right to post an update to fix this hole.

    I was getting directions to someplace the other day, the guy said the road there was paved with "good intentions". Damn, I can't remember the name of the place... think, think...

  8. Cloaked Directory = Windows Registry by pahoran · · Score: 2, Funny

    "The cloaked directory is intended to prevent users from accidentally deleting important files, but could compromise a system by serving as a hiding place for malware..."

    Is it just me, or does that sound like the Windows Registry?

    --
    I'd give my right arm to be ambidextrous.