SONY DRM rootkit – the gift that keeps on giving
Well… I said, more legs than a centipede for this one…. It looks as though the uninstaller from Sony is an activex control that may have some SEVERE security implications. The ActiveX invokes a command to reboot the computer (RebootMachine). (Which is likely remotely exploitable). Also it appears to use an (InstallUpdate) download which could be exploitable AND if that’s not enough, a n ExecuteCode function which could crash the browser. It should be noted that the ActiveX uninstaller REMAINS ON THE SYSTEM after the SONY DRM ROOTKIT is removed, meaning that these functions would be available for remote exploit even after the XCP software is uninstalled.
Sunbelt blog had the link. Right now the author of the 1st link is looking for a link to the uninstaller so that the above can be verified. I suspect there’s still a bit more to come here as well…
Update 11-15
The securityfix has the story that today several groups of security and privacy experts are expected to announce findings of several serious security vulnerabilities in the XCP software, a search that has been going on in earnest since the rootkit was discovered.
From the article…
But wait, it gets … er … better. The researchers discovered a security flaw in XCP (which stands for “extended copyright protection”) that could afford attackers a window through which to break into computers running the software and install additional software or viruses.
There are some hints there about vulnerabilities with the uninstaller listed above, a link here gives the warning to not use Sony’s uninstaller.
Popularity: 1% [?]
Related Posts - Barcode Scam to get $4.99 iPod A Colorado University student was arrested for a barcode scam after trying to buy an iPod for $4.99 (with a fake barcode) at a Colorado Target store. Apparently the scam was successful once and he came back a second time. Basically he used a barcode printing program to duplicate the......
- Microsoft touts Windows vista restart manager Okay - here we go.... Microsoft is talking about a new feature of Vista that allows you to ... update parts of the operating system or applications without having to reboot the entire machine. Another angle at OSnews.com. If that works as advertised that's great. Update something related to networking,......
- The Continuing Stooo-ry of the Sony DRM rootkit debacle.... Let's see there are a couple more notes to pass along on Sony DRM rootkit news. This story could go on for some time, it's already had legs for about a week or more and just when things started to wind down a bit, there's a bit more. First up,......
Related Websites - How to Use Coin Collecting Software Finding the value of your coins is something which most people who have a coin collection are very concerned with. This is true whether you are buying a set of coins or you have had your collection for a long period of time. There have been books over the years......
- Corporate Blog Security Issues If you are planning on starting your own corporate blog or executive blog, or if you already have a corporate blog that you are writing in, then one of your greatest concerns should be corporate blog security issues. There are a variety of different corporate blogging security issues that you......
- Get Important Advice About How to make money from a website There are many ways you can generate income from a website or a blog. I have listed below the ways and below that is a explanation of how you can earn money from your website. 1.Affiliate Marketing2.Online Marketing3.Referrer Programs4.Renting Ad Space1.Affiliate MarketingThis type of generating income is the most popular......
Similar Posts
- Sony’s OTHER DRM software uninstaller will be pulled
- Sunncomm/MediaMax software fix released
- Sony DRM Rootkit — it’s worse
- Today’s Sony DRM rootkit stories….
- Sony’s DRM song sounding worse by the day