Monday, January 16, 2006

Rootkits in Commercial Software

Mark Russinovich writes over on the SysInternals blog:

By now many of you have heard that Symantec released a security advisory last Tuesday that reported its use of rootkit-like cloaking technology in its SystemWorks product. The Symantec use of rootkit-like cloaking raises the question of what exactly defines a “rootkit” and whether or not there is ever a justifiable reason to use cloaking.

I’ll first describe Symantec’s cloaking and then I’ll move on to trying to answer these two questions.

More here.

posted by Fergie @ 1/16/2006 11:29:00 AM

0 Comments:

Post a Comment

<< Home