[Previous entry: "More Sony DRM"] [Main Index] [Next entry: "Sony shades the truth"]

11/15/2005 Archived Entry: "Sony screws up again"

Does it never end? The Inquirer reports that the web-based tool offered by Sony to remove their copy-protection rookit installs an even bigger vulnerability in its place. To be specific, it installs -- permanently -- an ActiveX control that "allows any web page you visit to download, install, and run any code it likes on your computer. Any web page can seize control of your computer; then it can do anything it likes. That’s about as serious as a security flaw can get."

We can expect exploits for this to appear soon. Meanwhile, do not use Sony's web-based XCP uninstaller; do not accept any software downloaded from First4Internet (the creators of XCP).  —brad