IBM Computer, Laptops and Servers
Back Homepage Content Directory Resource Guide Blog
Laptop | Servers | Computers | Notebook | Computer | Business Integration | Server | Mainframes | Cheap Laptop | Laptop Batteries

US-CERT Alert: First 4 Internet XCP DRM Vulnerabilities

US-CERT Alert: First 4 Internet XCP DRM Vulnerabilities

November 15, 2005 (updated November 17, 2005) -- US-CERT is aware of several vulnerabilities regarding the XCP Digital Rights Management (DRM) software by First 4 Internet, which is distributed by some Sony BMG audio CDs. The XCP copy protection software uses "rootkit" technology to hide certain files from the user. This technique can pose a security threat, as malware can take advantage of the ability to hide files. We are aware of malware that is currently using this technique to hide.
One of the uninstallation options provided by Sony also introduces vulnerabilities to a system. Upon submitting a request to uninstall the DRM software, the user will receive via email a link to a Sony BMG web page. This page will attempt to install an ActiveX control when it is displayed in Internet Explorer. This ActiveX control is marked "Safe for scripting," which means that any web page can utilize the control and its methods. Some of the methods provided by this control are dangerous, as they may allow an attacker to download and execute arbitrary code.

More information about this vulnerability can be found in the following US-CERT Vulnerability Note:

* < href="http://www.kb.cert.org/vuls/id/312073">VU#312073 - First 4 Internet XCP "Software Updater Control" ActiveX control incorrectly marked "safe for scripting"

US-CERT recommends the following ways to help prevent the installation of this type of rootkit:

* Do not run your system with administrative privileges. Without administrative privileges, the XCP DRM software will not install.
* Use caution when installing software. Do not install software from sources that you do not expect to contain software, such as an audio CD.
* Read the EULA (End User License Agreement) if you do decide to install software. This document can contain information about what the software may do.
* Disable automatically running CD-ROMs by editing the registry to change the Autorun value to 0 (zero) as described in Microsoft Article 155217.

Source: US-CERT

[ Comment, Edit or Article Submission ]

Share this:

Add To Yahoo MyWeb Add To Google Bookmarks Add To Furl Fav This With Technorati Add To Newsvine Add To Bloglines Add To Ask Add To Windows Live Add To Slashdot Stumble This Digg This Add To Del.icio.us Add To Reddit

More about:

Oct November 2008 Dec
Sun Mon Tue Wed Thu Fri Sat
            1
2 3 4 5 6 7 8
9 10 11 12 13 14 15
16 17 18 19 20 21 22
23 24 25 26 27 28 29
30            
IBM Computer, Laptops and Servers Blog on Technorati Related Blog of IBM Computer, Laptops and Servers on Sphere

New Posts on Blog RSS Blog New Posts Feed Atom Blog New Posts Feed

References:
Content Directory
Resource Guide


PC Pitstop Free Computer Diagnostics Helps Tuneups

Website Links
hitachi | rational | websphere | battery | it support | western digital | music | networks | toner | cheap laptops | wholesale | brother | doEvaTr742167481ckPgS
IBM Computer, Laptops and Servers Copyright © 2008 www.ibmfans.com. All rights reserved. Site Map
Homepage | Blog | Advertise | Privacy Policy | Disclaimer | Contact Us | Links