Slashdot Mirror

← Back to Stories (view on slashdot.org)

Rootkit-like Feature Found in Norton Systemworks

Posted by Zonk on from the i'm-helping-i'm-helping dept.

GenieGenieGenie writes "eWeek reports a rootkit-like 'feature' in Symantec's Norton Systemworks, discovered by the Mark Russinovich, who was also responsible for blowing the whistle on Sony's DRM rootkit. The cloaked directory is intended to prevent users from accidentally deleting important files, but could compromise a system by serving as a hiding place for malware, as was the case with Sony's rootkit. Russinovich says Symantec had good intentions, but they were right to post an update to fix this hole."

2 of 221 comments (clear)

  1. I don't trust their intentions by m50d · · Score: 1, Troll

    Given the way Norton will not uninstall without downloading a separate removal tool (and the fact they've known about this for five years but continue to ship versions that won't uninstall) I have zero confidence in Symantec having had good intentions with this.

    --
    I am trolling
  2. Re:Before the flame wars start... by pipingguy · · Score: 1, Troll


    Since we were covering the non-evilness of cookies last week, why is it that index.dat is never discussed? What does it contain and why is it tied so much to the OS?