Symantec admits security flaw

Symantec, owner of the security software Norton SystemWorks admits the existence of a security flaw that can be exploited by malwares. The flaw is of the "rootkit" type.

A "rootkit" is a set of tools capable of conceal processes, files and other information preventing the detection of malwares such as virus, spywares and invasion programs.

In Norton, the "rootkit" works as the following: a folder named NProtect keeps all the files deleted by the user. It allows files to be undeleted. The problem is that Norton (as a "rootkit") hides the folder not only from the user but also from the operating system. It prevents antivirus and security tools from scanning the folder creating a hiding place for malwares. Symantec already released a "patch" that fixes the problem.

Sources

• "Norton outs its own 'rootkit'"

• "Symantec comes clean on Norton rootkit"

• "Symantec forced to fix rootkit-style flaw"