● 09.28.10

●● Microsoft DRM Makes More Windows Botnets, Adds No Security

Posted in DRM, Microsoft, Security, Windows at 5:19 am by Dr. Roy Schestowitz

Summary: New exploit takes advantage of Microsoft DRM (remotely-exploitable vulnerabilities), Engadget reviles DRM

Exploit-db.com has this new entry titled “Microsoft DRM Technology (msnetobj.dll) ActiveX Multiple Remote Vulnerabilities”

↺ this new entry

“Sort of what the FSF was saying back in the day MS released Vista with its flood of DRM embedded in it,” remarked Chips B. Malroy on it. Here is what boingboing.net had to say about it:

↺ had to say about it

Microsoft’s DRM makes your computer vulnerable to attackThe msnetobj.dll library is an ActiveX control used by Microsoft’s DRM; it is intended to prevent the owner of a computer from saving or viewing certain files except under limited circumstances, and to prevent the computer’s owner from disabling it or interfering with it.

“DRM Library From Microsoft Opens Your Computer to Attacks,” said IDG a few days later, citing boingboing.net.

↺ said IDG

“The msnetobj.dll library, an ActiveX Network Object, is no exception: according to BoingBoing, msnetobj.dll “is intended to prevent the owner of a computer from saving or viewing certain files except under limited circumstances, and to prevent the computer’s owner from disabling” the library.

“Aside from mandating what sort of files you can and can’t open on your computer, msnetobj.dll is susceptible to three different types of attacks: denial of service, buffer overflow, and integer overflow. Exploit Database notes that “this issue is triggered when an attacker convinces a victim user to visit a malicious website” and that a hacker could then exploit these holes to run malicious code on your system.”

An Engadget editor goes against DRM (very publicly in fact) some time during the weekend. Who can possibly blame him?

↺ goes against DRM

It’s been said so many times, but I just got stung hard by the DRM bug, and since there’s a “Senior Associate Editor” next to my name somewhere I get to complain about it. Now, if you’re a regular consumer with a modicum of common sense, nothing I’m going to say here will come as a surprise or revelation. You’re welcome to come along for the ride, but I’m pointing my quivering pen today at the media execs and their willing technologist accomplices that have the nerve in 2010 to enforce HDCP and other completely inane DRM and copy protection schemes to “protect” their content from theft…

The genesis of DRM and its conception was partly rooted in Bill Gates about a decade ago. It wasn’t until Vista that they made it part of Windows (Vista 7 has that too). █

partly rooted in Bill Gates about a decade ago

↺ Vista 7

“[Vista DRM] seems a bit like breaking the legs of Olympic athletes and then rating them based on how fast they can hobble on crutches.“

–Peter Gutmann

Share in other sites/networks: These icons link to social bookmarking sites where readers can share and discover new web pages.

Permalink Send this to a friend

Permalink

↺ Send this to a friend

----------

Techrights

➮ Sharing is caring. Content is available under CC-BY-SA.