Symantec forced to fix rootkit-style flaw

By Derek Sooman on
Symantec has been forced to fix a flaw in Norton SystemWorks that could allow an attacker to hide malicious code in a hidden directory used by the software. The problem in question is in the Norton Protected Recycle Bin, which allows users to restore file types not stored by Windows’ own recycle bin after deletion. It utilises a hidden folder called NProtect, which (yes, you guessed it!) is not scanned by anti-virus software during scheduled or manual scans. This makes the location a potential hideaway for malware.

"In light of current techniques used by malicious attackers, Symantec has re-evaluated the value of hiding this directory," an advisory on its website stated. Symantec has released an automatic update via its LiveUpdate, which makes the directory visible during all types of scan.

Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.