Symantec Found Using Rootkit Feature
First Sony, now Symantec! Yeeesh, guys! What’s with setting up security holes in our Windows systems? They are unsecure enough as it is!
I, personally, have never liked Symantec. For instance, Norton Antivirus is about as hard to remove from your system as a virus, itself! But this is a new low!
“The Norton Protected Recycle Bin feature adds a directory called NProtect, which stores temporary copies of files that users delete. The idea was to supplement the standard Windows Recycle Bin and enable users to recover files they removed accidentally.
However, hiding a directory from Windows can open the door to vulnerabilities, as the Sony DRM rootkit debacle exposed. Malware authors were able to write viruses and worms that hid in the cloaked directory, effectively preventing scanning software from discovering their existence on a PC.
Symantec notes that on-demand scanners, including Norton AntiVirus, would discover the malware when it is loaded it memory. Still, the company isn’t taking any chances after Sony’s PR disaster and has issued an update to make the NProtect directory visible in the Recycle Bin.”