| ActiveMac | Anonymous | Create a User | Reviews | News | Forums | Advertise |
|
|
|
User Controls |
|
New User |
|
Login |
|
Edit/View My Profile |
|
|
|
|
|
|
|
ActiveMac |
|
Articles |
|
Forums |
|
Links |
|
News |
|
News Search |
|
Reviews |
|
|
|
|
|
|
|
News Centers |
|
Windows/Microsoft |
|
DVD |
|
ActiveHardware |
|
Xbox |
|
MaINTosh |
|
News Search |
|
|
|
|
|
|
|
ANet Chats |
|
The Lobby |
|
Special Events Room |
|
Developer's Lounge |
|
XBox Chat |
|
|
|
|
|
|
|
FAQ's |
|
Windows 98/98 SE |
|
Windows 2000 |
|
Windows Me |
|
Windows "Whistler" XP |
|
Windows CE |
|
Internet Explorer 6 |
|
Internet Explorer 5 |
|
Xbox |
|
DirectX |
|
DVD's |
|
|
|
|
|
|
|
TopTechTips |
|
Registry Tips |
|
Windows 95/98 |
|
Windows 2000 |
|
Internet Explorer 4 |
|
Internet Explorer 5 |
|
Windows NT Tips |
|
Program Tips |
|
Easter Eggs |
|
Hardware |
|
DVD |
|
|
|
|
|
|
|
Latest Reviews |
|
Applications |
|
Microsoft Windows XP Professional |
|
Norton SystemWorks 2002 |
|
|
|
Hardware |
|
Intel Personal Audio Player 3000 |
|
Microsoft Wireless IntelliMouse Explorer |
|
|
|
|
|
|
|
Site News/Info |
|
About This Site |
|
Affiliates |
|
ANet Forums |
|
Contact Us |
|
Default Home Page |
|
Link To Us |
|
Links |
|
Member Pages |
|
Site Search |
|
Awards |
|
|
|
|
|
|
|
Credits |
 |
Microsoft: DRM Trojan hole is not a vulnerability | |
|
||
| Time: 08:48 EST/13:48 GMT | News Source: ZDNet UK | Posted By: Brian Kvalheim | ||
Microsoft has responded to security warnings about its Media Player by saying that Windows XP SP2 will protect its customers from malware. Microsoft has denied that an anti-piracy "feature" in its Windows Media Player that allows a Trojan horse to run on a user's PC is a vulnerability. Panda Software warned earlier this week that hackers are using the player's DRM tool to fool people into downloading spyware and viruses. | ||
|
Write Comment
Return to News |
Displaying 1 through 25 of 314 Last | Next |
The time now is
10:17:51 AM
ET.
Any comment problems? E-mail us |
| #1 By 2332 (66.228.91.60) at 1/14/2005 11:51:43 AM |
|
It's pretty funny that even when a user does their best to avoid the security disaster that is IE, simply opening a WMV can cause IE to open their machine up to potential exploitation.
This may be support for the argument, which I have long dismissed, that the integration of IE and Windows makes the combination inherently less secure. |
| #2 By 6859 (206.156.242.39) at 1/14/2005 12:51:10 PM |
|
Nothing in that Register article says anything about RIAA/MPAA being behind the trojan DRM,a nd if they were behind it, and that information were to leak out, they (the MPAA/RIAA) become liable under US Federal law: it is a felony to knowlingly infect another person's computer system with malicious programs. Using the defense that they were simply preventing piracy is not an excuse at all, and they'd be in deep doo-doo.
So, even if you're right and the MPAA/RIAA is behind this, eventually this would be their own undoing as the onslaught of lawsuits get filed against them--and by their own stupidity they'd be forced to either settle out of court or lose horribly in court. |
| #3 By 2332 (66.228.91.60) at 1/14/2005 2:01:37 PM |
| #3 - The popup window itself has an IE window embedded inside it. Any exploits that apply to viewing a web page can be used to compromise the user's machine and the only interaction required is to open the WMV (or whatever file). |
| #4 By 61 (65.32.168.114) at 1/14/2005 4:36:42 PM |
| Just from the fact that these files are coming from Kazaa and BitTorrent networks, I say the user deserves what they get. |
| #5 By 2332 (66.92.78.189) at 1/14/2005 7:20:17 PM |
|
#7 - I see... so I download an episode of MacGyver and I deserve to get infected with viruses or spyware? Wow.
You're making a whole series of unjustified assumptions. |
| #6 By 23275 (68.17.42.38) at 1/15/2005 12:52:06 AM |
|
#2 - there is no scientific basis for what you wrote.
I see that opinion a often - too often and it is simply not true. Such "IE integration" statements are so false it is just nuts. No more so than MS's windowing services running form the Kernel...again, there is just no basis in computing science for such a comment. Most vulnerabilities in IE were/are related to how SW using COM Clients were was handled. That was fixed w/SP2. Far more porous COM Client issues exist within other browsers - certainly far more serious than any in XP SP2. The downloads spoken of relate to similar types of calls - and again, as MS asserts, the design of SP2, which drastically modified how such clients are handled prevents exposure - even opposite properly signed, however malicious wrapped code might be. Please consider, http://www.objectinnovations.com/CourseOutlines/120.html |
|
Write Comment
Return to News |
Displaying 1 through 25 of 314 Last | Next |
The time now is
10:17:51 AM
ET.
Any comment problems? E-mail us |
