Let’s see there are a couple more notes to pass along on Sony DRM rootkit news. This story could go on for some time, it’s already had legs for about a week or more and just when things started to wind down a bit, there’s a bit more. First up, the EFF has a writeup on the EULA that Sony sends along with it’s DRM-ified Cds. Among other things it obliges you to wipe any copies of songs of your pc if you’re cd is lost or stolen, it cannot be played on a work computer, you can’t take it with you if you leave the country, you MUST install any and all updates to their software or the content is forfeit, SONY-BMG reserves the right to install backdoors or other means to protect their content, SONY will only be liable for a maximum of $5, if you declare bankrupcy you must forfeit all the music on your pc, no derivitave works, (photo albums for family/friends, mash-ups, or sampling), music on the pc may NOT be transfered even if the cd accompanies the transfer.
Category: Security
-
Realplayer has issued a critical patch for a couple vulnerabilities
Incidents.org is reporting that realplayer has issued a patch in response to two vulnerabilities discovered by eEye. The first involves a skin file which could be loaded through the browser without permission and the second, a specially made .rm file which could allow code execution.
Update 11/11 – The security fix has further coverage
-
Looks as though the FTC has broken up a spyware ring
A bit of good news on the spyware front, the FTC has announced that it’s frozen the assets of a spyware ring. Apparently they spread spyware through a network of sites and blogs that pushed ringtones, lyrics, and pictures. Good to see some progress made against spyware pushers….
-
Sony BMG is still having a bad week….
Unfortunately a LOT of people that have bought Sony-BMG cds (or borrowed, whatever…) are going to have some headaches too. By stock in Tylenol or Aleve or something…. anyway… here’s todays roundup of Sony Rootkit news. Including a virus borrowing the gift of SONY…
First up is some “backstory” that reminds us of Sony’s attitudes in the past on the issue of piracy and what should be done about it, along with the precient “I think most people don’t know what a rootkit is” satatement.
-
MS05-053 Microsoft Windows Image Viewing Vulnerability
Two notes on the Windows vulnerability patched day before yesterday. There is a trojan in the wild exploiting it and Symantec’s AV definition to detect such an exploit is a bit too paranoid and flags lot’s of emf files as having an exploit for the same. The workaround is to disable emf files from virus scans.
-
Phpbb include vulnerability scanning
Incidents.org is reporting scanning for phpbb include vulnerabilities through Google. Apparently there is an IRC botnet being “cultivated”. They are scanning for versions of phpBB prior to 2.0.10, the current release is 2.0.18.
The new IRC bot scans for vulnerable systems using Google, when successful it announces that “oopz and sirh0t and Aleks g0t pwned u!”, and has UDP flooding and UDP/ICMP/TCP scanning capabilities.
The file phpbb_patch was found on exploited systems.
-
VideoC is not a real video player
Sunbeltblog has a story about the “VideoC” video player… apparently they discovered this when visiting a site. A video starts to play and then abruptly stops and claims that “VideoC” player needs to install to view the clip. VideoC is not REALLY a video player just a clever way to get loads of spyware on your system.
-
Microsoft November 2005 patch day
That most wonderful day of the month has come when we get an idea of what vulnerabilities we may see exploited…. Seriously, if you run Windows, go to windowsupdate.microsoft.com or ensure you have automatic updates if at all possible. This months most critical update relates to a vulnerability in the way windows renders (draws) images. It appears that an attacker could design a web page with images in such a way as to run arbitrary (anything they want) code (programs) on the victims computer, alter or view data, or simply control the machine (creating/removing user accounts, etc.)
-
Google the most recent phishing target
This reminds me of the emails that used to circulate claiming that Microsoft and Disney were testing a way to trace email and to keep forwarding the message, when it got to 500 people they all supposedly would win a trip to DisneyWorld. I guess people are generally trusting and willing to believe they may already be a winner. This one is a bit more dangerous though…. It seems there’s a phishing scheme going around claiming to be from Google, claiming that you’ve won $400.
-
XML RPC worm new variant
There seems to be a new variation on the xml rpc worm spreading about, so patch patch patch. If you have php and vulnerable software on a web facing server, patch.