F-Secure: The 'Symantec Rootkit'
Image source: F-Secure
Mikko writes over on the F-Secure "News from the Lab" Blog:
There has been quite a bit of media coverage on the "Symantec rootkit".More here.
We were the ones that discovered this issue and informed Symantec about it last year - in fact this is nicely attributed in the Symantec advisory.
But we want to be clear on this: what Symantec was doing here was not nearly as bad as what Sony was doing with their rootkit.
Norton Systemworks has a feature called "Protected Recycle Bin". This feature is intended to enable the user to recover deleted files that would otherwise be unrecoverable. These files are stored in a folder typically called C:\Recycler\Nprotect - and this folder is hidden with rootkit-like techniques. There's nothing inherently wrong in this.
posted by Fergie @ 1/12/2006 11:36:00 AM
0 Comments:
Post a Comment
<< Home