Post Fri Jan 13, 2006 12:50 am

Symantec Rootkit Removed From SystemWorks

Symantec acknowledged that it was deliberately hiding a directory from Windows APIs as a feature to stop customers from accidentally deleting files but, prompted by warnings from security experts, the company shipped a SystemWorks update to eliminate the risk.

A spokesman for Symantec referenced the Sony flap in a statement sent to eWEEK, but downplayed the risk to consumers. "In light of current techniques used by today's malicious attackers, Symantec re-evaluated the value of hiding the [previously cloaked] directory. Though the chance of an attacker using [it] as a possible attack vector is extremely slim, Symantec's update further protects computers by displaying the directory," the spokesman said.

For full story:
http://www.eweek.com/article2/0,1895,1910077,00.asp

Don
CISSP, MCSE, CSTA, Security+ SME