LOL, so basically Linux is just as crappy as Windows. But all kidding aside, I still don't understand why Windows and apparently also Linux are designed in a way to make rootkits possible in the first place. It's almost like they wanted to build in a hidden backdoor. I mean, no legitimate app needs such functionality.
Well, to get some perspective on this kernel rootkit, from the article: Latest 2.6x is 2011, while 3.10x is 2012. As well, from the same article: An even somewhat up to date kernel resists the first pathways, while installing updates from only trusted repositories addresses the latter pathway.
Red Hat Enterprise Linux 7 includes Linux kernel 3.10. Plenty of computers at large enterprises may still use it. I don't understand why they would install a package from an untrustworthy third-party source in that setting though.
Good point, or why they would still run an older kernel version, unless it's been secured somehow, maybe with SELinux for example.