Symantec hole gives crackers safe haven claim

SECURITY outfit Symantec has updated its Norton SystemWorks product to prevent crackers using one of its hidden files to store malware and Trojans.
Norton Protected Recycle Bin creates a hidden directory on Windows systems to help people restore modified or deleted files.

But the file is not scanned during any of Norton’s virus checks, nor can any files stored there be deleted. In otherwords it is the ideal place for a cracker to store malicious code.

The flaw was spotted by Mark Russinovich, the Sysinternals researcher who also investigated the Sony rootkit, and F-Secure, a Finnish security company that has a rootkit detection product.

After the upgrade is installed it will display the previously hidden “NProtect” directory in the Windows interface, which will allow it to be scanned by antivirus products.

Most people will get the update through the Symantec LiveUpdate service.
News source: Theinquirer


Please enter your comment!
Please enter your name here