
'Don't tell us, tell the FBI'
By Dan Ilett
Published: 14 January 2005 16:05 GMT
Microsoft has denied that an anti-piracy "feature" in its Windows Media Player that allows a Trojan horse to run on a user's PC is a vulnerability.
Panda Software warned earlier this week that hackers are using the player's DRM tool to fool people into downloading spyware and viruses.
The Spanish security company said that virus writers had released licence-protected multimedia files containing Trojan horses (WmvDownloader.A and WmvDownloader.B) that can exploit the anti-piracy features in version 10 of the Media Player and Windows XP SP2.
Despite Panda's warning that the Trojan can download a cocktail of malware, Microsoft denies there is a flaw in its software.
"This Trojan appears to utilise a function of the Windows Media DRM designed to enable licence delivery scenarios as part of a social engineering attack," said Microsoft in an emailed statement.
"There is no way to automatically force the user to run the malicious software. This function is not a security vulnerability in Windows Media Player or DRM."
But Microsoft didn't say whether Windows XP SP2 fully protected users from unwanted downloads.
"Internet Explorer for Windows XP SP2 helps prevent downloads from automatically launching. Users who have installed Windows XP SP2 and turned on the pop-up blocker have an added layer of defence from this Trojan's attempt to deliver malicious software," said Microsoft.
The Redmond giant also said that people should go to the police if they think they have been attacked by such Trojans.
Microsoft also added that "customers in the United States who believe they have been attacked should contact their local FBI office or post their complaint on www.ifccfbi.gov. Customers outside the US should contact the national law enforcement agency in their country."
Dan Ilett writes for ZDNet UK
IT Security Analyst - South ESSENTIAL IT Security background within an IT Support environment Experience of supporting IT security infrastructure IT ...
A driving licence is preferential due to the company location. 1st Line IT Helpdesk Analyst - West Yorkshire - Wakefield, West Yorkshire.st Line IT ...
As the role will involve some travel between different sites, a full, clean UK driving licence is essential. RM is looking for a Senior Technical ...
Agenda Setters 2009
Welcome to the ninth annual Agenda Setters poll – silicon.com's list of the top 50 most influential individuals in the technology and IT industries, from techies and CIOs to entrepreneurs and business leaders. Find out more in our latest special report.
Stories from the web...
Copyright © 2008 CBS Interactive Limited. All rights reserved. Top of page
Clive Longbottom Windows 7: Not perfect - but ready for prime time Microsoft's latest OS fixes most of Vista's ills - but still has challenges ahead
Stephen Kleynhans Mind the details with Windows 7 Just because it might work better than Vista, it doesn't mean you can be sloppy