A utility to remove Sony BMG's copy protection program from customers' computers actually introduces a major security vulnerability into the systems, two Princeton University researchers said on Tuesday.
In his Freedom to Tinker blog, Princeton computer science professor Edward Felten said that the way Sony BMG and copy-protection provider First 4 Internet remove the software, using an ActiveX control, leaves PCs open to attack by malicious Web sites.
"The consequences of the flaw are severe," Felten wrote. "It allows any web page you visit to download, install, and run any code it likes on your computer. Any web page can seize control of your computer; then it can do anything it likes. That's about as serious as a security flaw can get."
After a Finnish researcher tipped them off, Felten and graduate student Alex Halderman investigated the software and found that the ActiveX control is allowed to run with high privileges and can be called by any Web site, not just Sony BMG's site. Microsoft's ActiveX technology has caused a wide variety of security headaches for the software giant in the past. Now, Sony BMG seems to be the latest to fall prey to the hard-to-secure technology.
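The flaw Felten describes is a privileged ActiveX control that any web page can script. The PowerShell audit below is an added example, not code from the article or from Sony BMG or First 4 Internet; it reports whether a given control is registered as "safe for scripting" (reachable from IE web content) and whether Internet Explorer's kill bit has been set for it. The CLSID is a placeholder, since the article does not give the control's identifier.

```powershell
# Added example: audit one ActiveX control's exposure to web pages.
# Placeholder CLSID; the article does not name the uninstaller control's real CLSID.
param([string]$Clsid = '{00000000-0000-0000-0000-000000000000}')

# Well-known component category IDs that IE honours when deciding whether
# web content may script or initialise a control.
$SafeForScripting = '{7DD95801-9882-11CF-9FA9-00AA006C42C4}'
$SafeForInit      = '{7DD95802-9882-11CF-9FA9-00AA006C42C4}'
$KillBitFlag      = 0x400   # "Compatibility Flags" bit that blocks the control in IE

$clsidKey = "Registry::HKEY_CLASSES_ROOT\CLSID\$Clsid"
if (-not (Test-Path $clsidKey)) {
    Write-Output "$Clsid is not registered on this machine."
    return
}

# Where the control's code lives and whether it advertises itself as web-safe.
$server     = (Get-ItemProperty -Path "$clsidKey\InprocServer32" -ErrorAction SilentlyContinue).'(default)'
$scriptable = Test-Path "$clsidKey\Implemented Categories\$SafeForScripting"
$initable   = Test-Path "$clsidKey\Implemented Categories\$SafeForInit"

# Kill bit can live under the native or the 32-bit (Wow6432Node) compatibility key.
$flags = 0
foreach ($root in 'HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility',
                  'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility') {
    $entry = Get-ItemProperty -Path "$root\$Clsid" -Name 'Compatibility Flags' -ErrorAction SilentlyContinue
    if ($entry) { $flags = $flags -bor $entry.'Compatibility Flags' }
}
$killBitSet = (($flags -band $KillBitFlag) -ne 0)

[pscustomobject]@{
    CLSID              = $Clsid
    Server             = $server
    SafeForScripting   = $scriptable
    SafeForInitializing = $initable
    KillBitSet         = $killBitSet
}

# The dangerous combination from the article: scriptable by any site and not blocked.
if ($scriptable -and -not $killBitSet) {
    Write-Warning "$Clsid is scriptable from web content and has no kill bit; set Compatibility Flags to 0x400 or unregister it."
}
```

Run it with the CLSID of the control under review; a `SafeForScripting = True` / `KillBitSet = False` result is exactly the exposure described above.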
The incident is the latest to plague Sony BMG following the revelation that the Extended Copy Protection (XCP) software provided by First 4 Internet essentially takes control of PCs in the same way as a rootkit. Since two security researchers published their findings on Sony BMG's copy protection software, consumer and security complaints against the content company have gained legal backing, with at least five cases filed or ready to be filed against the music giant.
Posted by: Robert Lemos