Sony BMG Fixes New DRM Security Hole
In conjunction with the Electronic Frontier Foundation, Sony BMG said on Tuesday it had issued a patch to fix a security vulnerability within the SunnComm copy protection utilized on 27 CDs. The new problem is separate from the XCP DRM software by First4Internet that included a rootkit.
Specifically, SunnComm's MediaMax version 5 sets overly permissive access rights on the directory it installs, opening the door to a privilege escalation attack. A restricted user account could replace the executables within the MediaMax directory with malicious code, which would then be run with administrator privileges the next time an administrator inserted a protected CD.
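The weakness described above is a general one: a directory under Program Files that low-privilege principals can write to, combined with a binary in that directory that later runs in an administrator's session. The following PowerShell audit script is an added example written for this article, not code from Sony BMG, SunnComm or iSEC; it scans an installation tree for access rules that grant write, modify or delete rights to groups every local user belongs to. The article does not give the MediaMax install path, so the script assumes the whole Program Files tree as its default root; the group names and the `Get-WeakDirectoryAcl` function name are choices made here.

```powershell
# Added example: find directories under an install root whose ACL lets
# non-administrators replace or alter files. That is the precondition for the
# MediaMax-style bug: a restricted user swaps a binary that an admin later runs.
param(
    # Root to scan. The MediaMax path is not stated in the article, so the
    # default is the Program Files tree (assumption).
    [string]$Root  = $env:ProgramFiles,
    [int]   $Depth = 2
)

# Principals that any interactive, non-admin account is a member of.
$lowPrivPrincipals = @(
    'Everyone',
    'BUILTIN\Users',
    'NT AUTHORITY\Authenticated Users',
    'NT AUTHORITY\INTERACTIVE'
)

# Rights that allow creating, overwriting or removing files in a directory.
$writeRights = [System.Security.AccessControl.FileSystemRights]::Write -bor
               [System.Security.AccessControl.FileSystemRights]::Modify -bor
               [System.Security.AccessControl.FileSystemRights]::FullControl -bor
               [System.Security.AccessControl.FileSystemRights]::CreateFiles -bor
               [System.Security.AccessControl.FileSystemRights]::Delete

function Get-WeakDirectoryAcl {
    param([string]$Path, [int]$MaxDepth)

    Get-ChildItem -LiteralPath $Path -Directory -Recurse -Depth $MaxDepth -ErrorAction SilentlyContinue |
        ForEach-Object {
            $dir = $_
            try {
                $acl = Get-Acl -LiteralPath $dir.FullName -ErrorAction Stop
            } catch {
                return   # unreadable ACL: skip rather than abort the scan
            }
            foreach ($rule in $acl.Access) {
                # Only Allow entries for broad groups with some write-class right matter.
                if ($rule.AccessControlType -ne 'Allow') { continue }
                if ($lowPrivPrincipals -notcontains $rule.IdentityReference.Value) { continue }
                if (($rule.FileSystemRights -band $writeRights) -eq 0) { continue }
                [pscustomobject]@{
                    Directory = $dir.FullName
                    Principal = $rule.IdentityReference.Value
                    Rights    = $rule.FileSystemRights
                    Inherited = $rule.IsInherited
                }
            }
        }
}

# Usage: .\Find-WeakInstallDirs.ps1            (defaults to Program Files)
#        .\Find-WeakInstallDirs.ps1 -Root 'C:\Program Files (x86)' -Depth 3
Get-WeakDirectoryAcl -Path $Root -MaxDepth $Depth | Format-Table -AutoSize
```

Each row reported is a directory in which a standard user can drop or overwrite files; any executable there that an administrator or a privileged service later runs is a candidate for exactly the escalation described above. Rows with `Inherited` set to True usually point at a parent directory whose ACL is the real problem. The remediation is to remove the write-class entries for those broad groups (for example with `icacls <dir> /remove:g Users`) so that only Administrators and SYSTEM can modify the install tree, which is what a vendor patch for this class of bug typically does.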
The vulnerability was discovered by security firm iSEC Partners after the EFF requested the software be examined for problems. The action was taken following the uncovering of a rootkit in Sony's other copy-protection software known as XCP. The rootkit was used to cloak the DRM and prevent its removal, in turn opening a number of security holes on a PC.
Attempting to make up for its prior missteps, Sony says it will notify customers of the SunnComm problem through an advertising banner within the MediaMax software, and via an online ad campaign. The update can be downloaded from the Sony BMG Web site and will be issued to security vendors.
"We're pleased that Sony BMG responded quickly and responsibly when we drew their attention to this security problem," said EFF staff attorney Kurt Opsahl. "Consumers should take immediate steps to protect their computers."
Sony BMG president Thomas Hesse, who infamously told NPR that most users "don't even know what a rootkit is, so why should they care about it?" was more humble this time around.
"We're grateful to EFF and iSEC for bringing this to our attention. We believe that the availability of the update coupled with our campaign to notify customers will appropriately address the CDs with MediaMax Version 5 in the market," he said in a statement.
As for the XCP DRM, Sony has claimed it pulled the affected CDs off store shelves entirely and the company is offering an exchange program for customers. Still, Sony is facing lawsuits from Texas and the EFF due to its actions, and New York Attorney General Eliot Spitzer warned Sony that some rootkit-laden CDs are still available for purchase.