Categories
- Arts & Entertainment
- Business
- Communications
- Computers
- Culture & Society
- Disease & Illness
- Fashion
- Finance
- Food & Beverage
- Health & Fitness
- Hobbies
- Home & Family
- Home Based Business
- Internet Business
- Legal
- Pets & Animals
- Politics
- Product Reviews
- Recreation & Sports
- Reference & Education
- Religion
- Self Improvement
- Shopping
- Travel & Leisure
- Vehicles
- Writing & Speaking
First 4 Internet Sony XCP DRM Vulnerabilities
Submitted: 2007-01-17 16:02:35
Print this article | Tell a friend | For publisher |
Technological measures protecting works distributed on Compact Discs have been found to pose unreasonable security risks to consumers personal computers, corporate and government networks and the information infrastructure as a whole. Vulnerabilities inherent in widely distributed CD protection measures create the potential for a frightening range of abuses.
Viruses and Trojan horses are already leveraging these technologies to hide from antivirus programs and system administrators. Exacerbating the unacceptable risks posed by these technological protection measures, is that fact that the uninstallers provided to remove these measures pose additional security risks allowing a malicious web site to hijack a consumer’s computer.
You have to be aware of several vulnerabilities regarding the XCP Digital Rights Management (DRM) software by First 4 Internet, which is distributed by some Sony BMG audio CDs. The XCP copy protection software uses "rootkit" technology to hide certain files from the user. This technique can pose a security threat, as malware can take advantage of the ability to hide files. We are aware of malware that is currently using this technique to hide.
One of the uninstallation options provided by Sony also introduces vulnerabilities to a system. Upon submitting a request to uninstall the DRM software, the user will receive via email a link to a Sony BMG web page. This page will attempt to install an ActiveX control when it is displayed in Internet Explorer. This ActiveX control is marked "Safe for scripting," which means that any web page can utilize the control and its methods. Some of the methods provided by this control are dangerous, as they may allow an attacker to download and execute arbitrary code.
First 4 Internet XCP "Software Updater Control" ActiveX control isincorrectly marked "safe for scripting" We recommend the following ways to help prevent the installation of this type of rootkit: Do not run your system with administrative privileges. Without administrative privileges, the XCP DRM software will not install. Use caution when installing software. Do not install software from sources that you do not expect to contain software, such as an audio CD.
Alexandro have a diploma and a master in Software Engineering and Information Security. He is the owner of http://www.jaec.info a site with free guides to computer security. You can get information about Rootkit Detector Software, Free guide to computer firewall security - protection and more at his site |
Article source: Expert Articles
Most Recent Articles in Computers category
- Rabbi Yitzhak Miller the Cyber Rabbi - By: Promila Saini
Connecting. Caring. Understanding. Empathizing. Being a mensch. These are the hallmarks of being both a good Rabbi and an effective Rabbi. When Rabbi Yitzhak Miller set out to use 21st century technology to reach both Jews and people interested in Judaism, the greatest challenge was not the webcams or video- - SMS: An Effective Way To Communicate - By: Nisha Garg
Sending text messages or sms through mobile phones was a popular concept with every mobile phone user. But with the advanced technology, one can also send messages through the internet by registering with one of the websites. These messages can be sent at cost-effective prices or even free of cost. - Computer Backups - By: Sudhir Sharma
Computer backup is so important to your computer that to ignore it is to risk its damnation. Computers require care and feeding. They require that you attend to their needs. If you don't, then they will most surely be sent to Hell. - Live Chat Software makes Online Customer Support & Online selling easier. - By: Maya Gupta
Live chat gives the web site a human touch wherein real time communication and one to one communication with the customer is possible. The best function of this add on software is however the one to one communication with the customer and the instant feedback. - Things to Know About Computer Repair Services - By: James Larry
Also known as computer tech support, these services solve your PC errors and problems right away. Well! There are many other advantages of availing online computer services. Let's take a look at them: - Building the Right Success Coaching Website - By: Mikel Bruce
A website can serve as a double-edged sword when it comes to enhancing the image of your Success Coaching business. In many cases your website is the first thing that your potential clients see and in some cases it is the only representation of your business they will ever see - so quality is important. The image that your site presents and the perception it creates is critical. A website should serve three very important functions for your business. - Choosing The Best New Computer Model - By: Sudhir Sharma
Many computer manufacturers, especially such computer giants as IBM, Dell, Gateway, Sony, Apple, etc. issue families (series) of computers. Models of computers in each series have either the same principle of design, or same processor, or have been given diapason of performances. - What of the ABCs of computer memory - By: Sudhir Sharma
Computer memory is called Random Access Memory (RAM). The information stored in RAM can be accessed randomly, rather than sequentially. This means that data can be found in any location at the same rate of speed. Other storage media, such as CD-Rom and hard drives, must wait while the drive spins to the correct location before the data can be accessed. - Is My PC Vulnerable on the Internet? - By: Ravinder Singh
Think about this: Is a simple antivirus application enough to protect your PC against all threats? No longer are viruses the only threat on the internet. In recent years other threats have evolved which include spyware, - Identity Theft (R&R)? - By: Jagdeep Singh
Identity theft is the most prolific crimes committed today and it knows no boundaries. So by now most people know of the problem but are unaware of how it all got started.