While not as bad as the Sony Rootkit, it has been revealed that the SunnComm MediaMax DRM software has a somewhat major security vulnerability as well that could allow for privilege escalation (or messing with the software’s files as an unprivileged user). The problem stems from the fact that the DRM software, when first run off a protected CD, installs itself with file permissions set in such a way that even the lowest privileged users in Windows (including the Guest account) have “Full Control” over the files. This could allow a regular user (or malicious code running as a regular user) to replace the DRM software with something malicious (such as a virus or backdoor), and then the next time someone with Administrator privileges attempts to play a protected CD, the code would be run, installing the malicious code. Obviously this is more of a concern in corporate or other managed environments, since most consumers run Windows with full Administrator privileges anyway.
SonyBMG has released a patch for this issue, which is available from their website. However, EFF does not suggest using the patch at this time.
To be clear, note that this is NOT the Sony Rootkit (XCP), but is a different type of DRM software used on certain SonyBMG discs.
Secunia Advisory SA17933
EFF’s Statement
The Full Report (pdf)
Yet another example of DRM being harmful for our computers…
-Tom
Leave a Reply
You must be logged in to post a comment.
Pages
Categories
Archives
- April 2012
- March 2010
- February 2010
- November 2008
- October 2008
- September 2008
- July 2008
- May 2008
- April 2008
- March 2008
- February 2008
- January 2008
- December 2007
- November 2007
- October 2007
- September 2007
- August 2007
- June 2007
- May 2007
- April 2007
- March 2007
- February 2007
- January 2007
- December 2006
- November 2006
- October 2006
- September 2006
- May 2006
- April 2006
- March 2006
- February 2006
- January 2006
- December 2005
- November 2005
- October 2005
- September 2005
- April 2005