|
Does Verizon's Voyager stack up to the iPhone? |
|
|
5 IT skills that won't boost your salary 
[1,407]
Women 4 times more likely than men to cough up personal info [589]
Japan's 10 funniest tech-related commercials [Videos] [407]
Throwing away a promo CD is "unauthorized distribution"? [1,265]
Adults too quick to dismiss educational video games [682]
Attack of the iPhone clones [Slideshow] [578]
10 things IT needs to know about AJAX [1,258]
This Year's 25 Geekiest 25th Anniversaries [Slideshow] [409]
|
|
So Symantec has found a new rootkit
Symantec has found a new rootkit that hides from Windows XP on the hard drive's boot sector. Nasty stuff. A traditional rootkit installs as a driver while this new rootkit installs so that it controls the master boot record (MBR) before
the operating system loads, said Symantec's security researcher Oliver Friedrichs, in a Computerworld story. This allows it to hide especially well - "unprecedented" is the term that Friedrich's uses to describe this threat. The rootkit is fine-tuned to work only on Windows XP systems. Vista users may remain protected because they should be explicitly asked to approve the installation of this MBR rootkit when a User Account Control warning pops up. This is because the rootkit requires administrative-level approval to install to the hard drive's master boot record.
The Computerworld story says:
If the rootkit does find its way onto a system, you may be looking at a PC that cannot be repaired but has to be wiped clean. Symantec claims that its antivirus software fights the rootkit by identifying it as a Trojan named Mebroot when the rootkit attempts to install itself. Researchers also suggest checking to see if your PC's BIOS includes a MBR write-protection feature. If so, they advocate activating it.