You are here: silicon.com > Software > Malware

Malware

Microsoft: 'DRM hole? It's not a flaw, but patch it'

'We said we wouldn't but we're going to now...'

Printer Friendly Email Story RSS

By Jo Best

Published: 20 January 2005 15:00 GMT

Last week, Microsoft declared Windows Media Player's method of handling DRM licences wasn't a security flaw, and said they wouldn't be issuing a patch. This week, the Redmond giant seems to have changed its mind.

Antivirus company Panda Software warned last week that hackers are using the player's DRM tool to fool people into downloading spyware and viruses.

However, Microsoft said at the time that the issue was not a flaw because it relied on social engineering, rather than automatic infection, to get users to download malware. Two Trojans are already in the wild designed to exploit the mechanism, which affects both Windows Media Player 10 and XP SP2.

Microsoft is sticking to guns and maintaining that the fact that an anti-piracy feature can be exploited does not a security flaw make - but Redmond is saying it will patch the programs anyway.

A Microsoft spokeswoman said: "Microsoft stated several weeks ago that we were looking into the issue and that this problem was not a security flaw. That position has not changed."

"After further review, we determined that it made sense to offer an update to consumers that would allow them to have greater default control over licence acquisition elements within the Player... Microsoft will release an update in the next 30 days," she added.

ZDNet's Dan Ilett contributed to this report

Add Comment Add comment  Printer Friendly Print story with   Email Story Email story  
In
Applications

Operating Systems

SOA/Web Services

Malware

Security Strategy


Reader Comments

"This week, the Redmond giant has changed its mind...
Anonymous

This is the second time that Microsoft have said a...
Craig

I tried it for the first time a week ago. My expe...
Anonymous

Click here to see all

Related Links

Microsoft offers Outlook subscription

Seven Longhorns to debut in May 2006?

Hotmail goes mobile in India

Microsoft Research lab opens in Bangalore

Microsoft finds malicious attack flaw

  1. Zones
  2. Management
  3. Networks
  4. Software
  5. IT Services
  6. Hardware
  1. Verticals
  2. Public Sector
  3. Financial Services
  4. Retail & Leisure

Clive Longbottom Windows 7: Not perfect - but ready for prime time Microsoft's latest OS fixes most of Vista's ills - but still has challenges ahead

Stephen Kleynhans Mind the details with Windows 7 Just because it might work better than Vista, it doesn't mean you can be sloppy

Phishers set their sights on corporate accounts

Tax-refund phishing scams hit an all-time high

First critical Windows 7 patches released

Online fraudsters enlist Trojans to run off with your money

Microsoft files lawsuits in malicious-ad crackdown


  • Jobs
Senior Hyperion DRM/Razza Consultant, Blue Chip Client, West London

A fantastic opportunity for a Senior Hyperion DRM/Razza (Data Relationship Management) Consultant for a large Blue Chip Client based in West London. ...

IT Security Analyst - South

Must hold a current driving licence DESIRABLE Juniper SSL VPN RSA SecurID MailSweeper WSUS and patch management Ironport Web Content Filteringo ...

Desktop Support - Dublin 4

The PPDA validates customer entitlements and gives high level technical support through information gathering, analytical troubleshooting and ...

Agenda Setters 2009
Welcome to the ninth annual Agenda Setters poll – silicon.com's list of the top 50 most influential individuals in the technology and IT industries, from techies and CIOs to entrepreneurs and business leaders. Find out more in our latest special report.

Is Your Enterprise Architected for Tomorrow's Growth?

Improving IT service delivery through an integrated approach to software asset management...

TechRepublic Resource Guide: Software as a Service (SaaS) for Small and Midsize Businesses...

Top 10 DMVs for Easier SQL Server Monitoring

Martin Brokers cashes in on back-up swap

VocaLink makes virtualisation pay

Sony Pictures sets sights on best IT Oscar

Co-op Group kicks "server sprawl" into touch

Arts Council gets tech troubleshooting boost

Torex tech treats Thorntons to quicker sales

Stories from the web...


eBay's Skype sale gets green light

Join the silicon.com LinkedIn networking group

Windows 7: Over 200 per cent more popular than Vista

Bletchley Park's World War Two codebreakers in their own words

Europe: Brace yourself for a telecoms overhaul

BT offers free fibre to Glasgow businesses




Quick Sitemap Links: