Symantec has updated its widely used Norton SystemWorks to fix a security flaw that remote hackers could use to...
hide malicious software.
The PC-tuning application has a feature called the Norton Protected Recycle Bin, which can create a hidden directory on Windows systems.
In an advisory note Symantec said that while the feature was designed to help users restore modified or deleted files, the hidden folder might not be scanned during scheduled or manual virus scans.
Because of this anomaly, the directory could be used as a place for attackers to store malicious code to enable attacks on the machine or others connected to it, according to Symantec.
The security company said it was not aware of any attempts so far by hackers to use the discovered weakness, and that the patch was a pro-active one.
Sony’s copy-protected music CDs posed a similar problem recently, when it was discovered they created a secret rootkit on a user’s machine, which could allow remote attacker to store rogue code without users knowing about the weakness.
Symantec’s recovery file has been hidden since its introduction to prevent inexperienced computer users from deleting it. Because of developing hacking techniques, the company said the folder would no longer be hidden.
The Norton update will display the previously hidden NProtect directory in the Windows interface, allowing it to be scanned by anti-virus products.