James Delahunty
9 Dec 2005 6:51
The Electronic Frontier Foundation (EFF) is now urging consumers not to apply the patch released by SunnComm just days ago to fix a security vulnerability in the company's MediaMax content protection software. This Digital Rights Management (DRM) technology has shipped on over 5.7 million CDs in the Unites States and Canada (50 different titles). The EFF and Sony BMG had announced the release of the patch just days ago but it has been discovered that the patch leaves users open to other security holes.
Researchers Ed Felten and Alex Halderman discovered the new vulnerabilities. "We take any security problems identified by these security researchers very seriously," said the EFF. Dr Felten and Mr Halderman called on Sony BMG to recall all the CDs bearing the MediaMax software. All this comes just weeks after Sony BMG was forced to recall all CD titles that included XCP DRM, as the rootkit-like software file hiding techniques it used were exploited by virus writers.
The MediaMax vulnerability could have led to users' computers being easily hijacked. Affected artists include Alicia Keys, Britney Spears, Black Rebel Motorcycle Club and Faithless. Sony is facing legal action now over XCP.
Source:
BBC News