Symantec caught using rootkit technology
Security vendor Symantec has admitted to using a rootkit-like technology in its Norton SystemWorks appliction. The company admitted in a security advisory that the technology hides a directory from the user and the operating system.
“Files in the directory might not be scanned during scheduled or manual virus scans. This could potentially provide a location for an attacker to hide a malicious file on a computer,” the vendor stated.
The firm emphasised that it is not aware of any attempts by hackers or worm authors to exploit the feature. Symantec credited fellow security vendor F-Secure and software developer Mark Russinovich with finding the vulnerability.