Sunncomm/Mediamax software fix FLAWED



Once more in the continuing story…. According to freedom-to-tinker, the “fix” released today for the SunnComm/Mediamax DRM software (the “other” DRM software on sony/bmg discs). Is fatally flawed. The problem the software initially poses is much worse than the company lets on in their release and their advise is…. 1) don’t play a mediamax protected disc in your pc. 2)don’t use the fix, 3) don’t use the old uninstaller.


So, this was out, what…. 3, 4 hours before it was announced there were serious flaws with it? Ouch.

Here’s some of their analysis of the press release…

Alex Halderman has discovered that the problem is worse than the press release indicates:

You are vulnerable even if you decline the MediaMax license agreement. Simply inserting a MediaMax-bearing CD into your PC paves the way for an attacker to come along and set a booby-trap. The trap will be sprung the next time you insert such a disc.
SonyBMG has released a patch that purports to fix the problem. However, our tests show that the patch is insecure. It turns out that there is a way an adversary can booby-trap the MediaMax files so that hostile software is run automatically when you install and run the MediaMax patch.
The previously released MediaMax uninstaller is also insecure in the same way, allowing an adversary to booby-trap files so that hostile software is run automatically when you try to use the uninstaller.

(These attacks are similar to the exploit described in iSEC’s report, but they involve a different modification to the MediaMax files.)

And their summary of the flaw…

As we’ve written before, the first time you insert a MediaMax-bearing CD into your Windows computer (assuming you have Windows autorun enabled, as most people do), MediaMax installs some software on your computer. Once this initial software is on your computer, you are vulnerable to the new attack. The gist of the problem is that MediaMax installs itself in a directory that anyone is allowed to modify, even users who otherwise run with heavily restricted security permissions. Any program that comes along can modify your MediaMax files, booby-trapping the files by inserting hostile software that will be run automatically the next time you insert a MediaMax-bearing CD into your computer. And because MediaMax is run with full administrator privileges, the hostile program gets to run with full privileges, allowing it to inflict any mischief it likes on your PC.

Further they point out that the problems with MediaMax are JUST as bad as those with XCP and MediaMax protected discs should be recalled as well.

–update 12/8/05 1:57PM EST–

freedom-to-tinker talks today on this issue again. The problems with the DRM software is really from design straight through to implementation. Sony needs to recall their MediaMax discs too. The software installs whether or not you accept the terms and conditions.

Related Posts

Blog Traffic Exchange Related Posts
  • How to Remove Antivirus PC 2009 | Antivirus PC 2009 Removal Guide Antivirus PC 2009 is a rogue antivirus application that is installed through malware and other nefarious means. Once installed on your system it will complain about security problems on your system. It will scan and claim that there are viruses on your computer. Like most all of these rogue antivirus......
  • How to Remove Windows Smart Security (Removal Guide) Windows Smart Security is a rogue spyware application that may fool people into installing and purchasing due to the use of the words Windows and Security in the title. It may fool people into thinking that it is related to Microsoft Windows and perhaps even a part of the operating......
  • How to Remove BlockProtector | Removal Guide So... the tail end of last week saw another new variant in the Wini family of rogue antivirus: blockprotector. It's the successor to..... Blockscanner (blockscanner removal guide) as well as the long list of prior variants that you can find on that page. (Sorry... it's just getting to be ridiculously......
Blog Traffic Exchange Related Websites
  • Uncovering Registry Errors - Detect and Fix Registry Errors in Your Windows You need to scan registry errors because you are having performance issues with your computer such as slow down speed which are most likely brought about by registry errors. Oftentimes the users are unaware of such errors. However, do you know that even a non-tech user can solve those registry......
  • World Wide Web Security Essentials Is Not A Real Spyware Remover. It Resembles The Functions And Looks World wide web Security Essentials is not a real spyware remover. It resembles the functions and looks of genuine spyware removal software but has no capacity to eliminate any virus, trojan or malware. Web Security Essentials is the newest addition to the growing list of rogue Antivirus programs. Internet Security......
  • Panasonic Security Camera Review - BB-HCM531A For your home or office, security is one of the biggest concern and we all think more about securing valuable things. It is not always required for you to sit and do the security job. With the invent of digital technology, there are various feature rich cameras which could do......
PDF24    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

One Response to “Sunncomm/Mediamax software fix FLAWED”

  1. Avery J. Parker - Web site hosting and computer service Says:


    [...] Please read Sunncomm/Mediamax software fix FLAWED for an update on the situation. [...]


Switch to our mobile site