ZDNet reports that a rootkit installed by Symantec has
been disclosed. Following on the heels of the Sony fiasco, this disclosure has to make you wonder what these developers
are thinking. Symantec claims they made a directory undetectable to "help prevent users from accidentally deleting
files" in the Norton Protected Recycle Bin. Probably not their cleverest idea ever, considering a hidden directory
like this is a favorite place for malware to hide.
An update is available. If you're running Symantec's
Norton SystemsWorks, run Live Update immediately and get this patched. Then run a full antivirus and spyware scan.
The ZDNet articles says:
"Symantec credits Mark
Russinovich, the Sysinternals researcher who also investigated the Sony rootkit, and F-Secure, a Finnish security company that has a rootkit detection product, for
helping it address the SystemWorks issue."
Russinovich has developed a rootkit detector utility that, while not
appropriate for the faint of heart or casual PC user, is an excellent addition to a technically savvy user's utility
toolkit.
