You almost want to bury your head in the sand at this point if you’re Sony…. Freedom-to-tinker has some details. The last couple weeks the XCP copy protection that Sony uses has been the center of a Firestorm for rootkit capabilities and massive security problems. Well, it seems the OTHER Digital Rights Management (DRM) software they use ( SunnComm MediaMax ) has some serious flaws too.
The big security flaw is in the ActiveX uninstaller component, much like the security flaws in the XCP uninstaller….
From Felten’s post: “When you visit the SunnComm uninstaller web page, you are prompted to accept a small software component — an ActiveX control called AxWebRemoveCtrl created by SunnComm. This control has a design flaw that allows any Web site to cause it to download and execute code from an arbitrary URL.
“If you’ve used the SunnComm uninstaller, the vulnerable AxWebRemoveCtrl component is still on your computer, and if you later visit an evil Web site, the site can use the flawed control to silently download, install and run any software code it likes on your computer. The evil site could use this ability to cause severe damage, such as adding your PC to a botnet or erasing your hard disk.”
Also, there is a tool to block this component at the Freedom-to-tinker link above and it comes with this warning.
“Unfortunately, if you use our tool to block the control, you won’t be able to use SunnComm’s current uninstaller to remove their software. It’s up to them to replace the flawed uninstaller with a safe one as soon as possible, and to contact those who have already used the vulnerable uninstaller with instructions for closing the hole.”
The flaw in this uninstaller is easier to exploit than that of the previous according to freedom-to-tinker.com and they EMPHASIZE that the problem (security flaw) is with the UNINSTALLER for the SunnComm MediaMax software. To get the uninstaller link required a couple of emails to support “pestering” for a way to get rid of the software. So if you have the MediaMax software installed and have never uninstalled it previously you should be safe (as far as is known. In other words, there are no other KNOWN problems with the MediaMax DRM.)
So, the world now waits for Sony and SunnComm’s reactions to this and hopefully a fix that can clear up the MASSIVE security holes they’ve left on machines around the world. Once again… thanks Sony.
Brian Krebs at the SecurityFix is also soliciting for a list of CDs protected by THIS DRM management software (the SunnComm MediaMax tool.) And says that he was skeptical at the beginning that this would be a deathknell for DRM software, but he’s starting to wonder.
Personally, in a time when computer security is such an issue, having unknown software from multiple sources can really raise a machines risk. It really makes me wonder what liabity these companies could find themselves in for poorly designed software. (And how enforcable a EULA is if there isn’t a reasonably easy way to decline.)
Beyond that it’s a reminder that should be WELL known by now. ActiveX controls can be VERY unsafe.
–update 11/17 – 8PM EST –
The Electronic Freedom Foundation has lists of titles affected by either DRM software. Also, it seems that some titles may be on the list and NOT have copy protection, you essentially need to use the “spotting guide” at the EFF link above to determine if you have a DRM’ed disc or not.
Related PostsRelated Posts
- Remove Proof Defender | Proof Defender Removal Proof Defender is another rogue security application that acts and claims to be antispyware/antivirus, but in reality is nothing more than a scam to get your dollars for a program that raises red flags over imaginary viruses and claims to clean them. It's related to the Perfect Defender 2009 family......
- The virus arms race? is locking down systems the key? The securityfix has a post on the "dirty little secret" about antivirus. Eugene Kaspersky of Kaspersky antivirus has posted an introspective article on the antivirus industry and it's current problems. The biggest problem with antivirus is that it's always one step behind the virus writers. Antivirus software only can prevent......
- How to Remove Guard Pro | Guard Pro Removal Guide Guard Pro is a rogue antivirus application that is promoted through the use of malware and trojan horses. Once it is installed on a system it will run at startup and will scan the computer claiming to find files infected with viruses and finding security problems with your system. It......
- Is Manual Link Building For You - It May Be There are a lot of SEO methods out there. And all of which have their pros and cons and manual link building is not an exception. This is nothing more than looking for the sites that you want to link back to yours and add them to that site or......
- World Wide Web Security Essentials Is Not A Real Spyware Remover. It Resembles The Functions And Looks World wide web Security Essentials is not a real spyware remover. It resembles the functions and looks of genuine spyware removal software but has no capacity to eliminate any virus, trojan or malware. Web Security Essentials is the newest addition to the growing list of rogue Antivirus programs. Internet Security......
- Antivirus Software Vs. Internet Security Software Lots of individuals believe that antivirus software and internet security software are same. While they protect your PC and avoid it from being attacked and infected by threats, they have exact roles in terms of defense and safety for your PC. Antivirus software can be installed on your personal computer......
- Sunncomm/MediaMax software fix released
- Sony’s OTHER DRM software uninstaller will be pulled
- Today’s Sony DRM rootkit stories….
- Sunncomm/Mediamax software fix FLAWED
- The best way to get rid of the Sony DRM rootkit