Caught that on Digg.
Putting aside my thoughts on Symantec as a whole - this should be an eye opener.
I do some database and coding work and just a year ago the information on Windows root kits were from "hackers" and seemed to be a remote possibility if used common sense. This isn't true any longer (although I do questions if these are *technically* root kits - I can even write things that windows cannot normally see but I'm not modifying the kernel.)
You also have to question that many of the virus detection apps out there have chosen to ignore or refuse to detect these items that I consider a threat. In the case of the Sony rootkit nearly every vendor didn't detect the kit - many of them knew of it and/or were contacted by the vendor and had made the decision to not report the app.
The best way I can think of to detect things like these aren't particularly easy - best answer would be to create an Md5 checksum on critical files and store them elsewhere. Then boot to a self-contained OS (Bart PE, Linux, whatever) on a CD and re-run the checksum. Compare the two. If they differ you've got something on your system that may be suspicious....
Discussion Zen 5 Speculation (EPYC Turin and Strix Point/Granite Ridge - Ryzen 9000)
Discussion Intel current and future Lakes & Rapids thread
Facebook
Twitter