First 4 Internet Sony Xcp Drm Vulnerabilities

Submitted by: Alexandro Frante

Technological measures protecting works distributed on Compact Discs have been found to pose unreasonable security risks to consumers personal computers, corporate and government networks and the information infrastructure as a whole. Vulnerabilities inherent in widely distributed CD protection measures create the potential for a frightening range of abuses.

Viruses and Trojan horses are already leveraging these technologies to hide from antivirus programs and system administrators. Exacerbating the unacceptable risks posed by these technological protection measures, is that fact that the uninstallers provided to remove these measures pose additional security risks allowing a malicious web site to hijack a consumer s computer.

You have to be aware of several vulnerabilities regarding the XCP Digital Rights Management (DRM) software by First 4 Internet, which is distributed by some Sony BMG audio CDs. The XCP copy protection software uses “rootkit” technology to hide certain files from the user. This technique can pose a security threat, as malware can take advantage of the ability to hide files. We are aware of malware that is currently using this technique to hide.

[youtube]http://www.youtube.com/watch?v=PY7Ur43nY2M[/youtube]

One of the uninstallation options provided by Sony also introduces vulnerabilities to a system. Upon submitting a request to uninstall the DRM software, the user will receive via email a link to a Sony BMG web page.

This page will attempt to install an ActiveX control when it is displayed in Internet Explorer. This ActiveX control is marked “Safe for scripting,” which means that any web page can utilize the control and its methods. Some of the methods provided by this control are dangerous, as they may allow an attacker to download and execute arbitrary code.

First 4 Internet XCP “Software Updater Control” ActiveX control isincorrectly marked “safe for scripting”

We recommend the following ways to help prevent the installation of this type of rootkit:

Do not run your system with administrative privileges. Without administrative privileges, the XCP DRM software will not install.

Use caution when installing software. Do not install software from sources that you do not expect to contain software, such as an audio CD.

About the Author: Alexandro have a diploma and a master in Software Engineering and Information Security.He is the owner of

jaec.info

a site with free guides to computer security.

Source:

isnare.com

Permanent Link:

isnare.com/?aid=88828&ca=Computers+and+Technology