Sony has announced that a patch is available for a 2nd flaw discovered in the controversial DRM system used on its CDs.
Sony's cupful of woes is threatening to spill over...
Amid the raging furore over its rootkit DRM music CDs, the company has announced that a patch is now available for a 2nd flaw discovered in the controversial DRM system it uses on several of its CDs.
Following blogger Mark Russinovich's discovery last month, that the XCP DRM (digital rights management) copy protection software used in a number of Sony music CDs can actually hide itself using rootkit mechanism and expose users' PCs to hacker attacks, Sony was forced to withdraw millions of CDs from retail.
Sony has, ever since been in the eye of a storm... Now digest this!
The technology in question this time around is SunComm's MediaMax Version 5 content protection software, and the flaw was discovered as a result of a security audit requested by digital rights body - the Electronic Frontier Foundation (EFF) and carried out by iSEC Partners.
SunComm's MediaMax Version 5 is designed as a copy protection software, but it installs a file folder on users' systems which can be exploited by attackers to gain control over the infected system.
Seems like Sony BMG has gotten wiser... the company has given an assurance that the review of this system, and the subsequent patch have been carried out with all due diligence, especially in the light of the continuing debacle over the XCP copy protection software.
The company says it has not only granted the EFF's request for the audit, but also conceded to having an independent third-party software security firm - NGS Software inspect the patch and the subsequent state of MediaMax technology.
Thomas Hesse, president - Global Digital Busines, Sony BMG, said, that the company believed the availability of the patch coupled with its online advertising campaign to warn customers of the dangers posed by the CDs, would appropriately address the issue of CDs with MediaMax Version 5 on the market.
The patch for the latest security flaw is available from the SunnComm and the Sony Web site.
According to company sources, around 80 Sony titles for artists ranging from Britney Spears to Billie Holiday contain the MediaMax Version 5 copy protection software. The company is currently in the process of recalling millions of its CDs from shops, all in the midst of pre-Christmas shopping.
And If that's any concession... Sony claims this problem applies only to CDs marketed in USA and Canada; not to CDs manufactured for the UK market.