Symantec has been forced to fix a "flaw" in Norton SystemWorks which could possibly allow malware authors to hide files from users. While the feature is designed to prevent SystemWorks users from accidentally deleting files vital to the software package"s NProtect feature, weaknesses in the technology could be exploited by opportunistic developers of malicious software.
The hidden directory is also hidden from most antivirus scans, including Symantec"s own. This allows malware/virus writers with knowledge of the directory can easily hide their files undetected. While no exploits have been made to this point, it did not take long for Sony"s rootkit to become exploited and quickly spiral out of control in weeks past.
Users of 2005 and 2006 versions of SystemWorks and SystemWorks Premier are urged to run LiveUpdate to patch the flaw, which will then allow the directory to be seen and scanned by antivirus software.