You are here: silicon.com > Software > Malware

Malware

Microsoft: 'DRM hole? It's not a flaw, but patch it'

'We said we wouldn't but we're going to now...'

Printer Friendly Email Story RSS

By Jo Best

Published: 20 January 2005 15:00 GMT

Last week, Microsoft declared Windows Media Player's method of handling DRM licences wasn't a security flaw, and said they wouldn't be issuing a patch. This week, the Redmond giant seems to have changed its mind.

Antivirus company Panda Software warned last week that hackers are using the player's DRM tool to fool people into downloading spyware and viruses.

However, Microsoft said at the time that the issue was not a flaw because it relied on social engineering, rather than automatic infection, to get users to download malware. Two Trojans are already in the wild designed to exploit the mechanism, which affects both Windows Media Player 10 and XP SP2.

Microsoft is sticking to guns and maintaining that the fact that an anti-piracy feature can be exploited does not a security flaw make - but Redmond is saying it will patch the programs anyway.

A Microsoft spokeswoman said: "Microsoft stated several weeks ago that we were looking into the issue and that this problem was not a security flaw. That position has not changed."

"After further review, we determined that it made sense to offer an update to consumers that would allow them to have greater default control over licence acquisition elements within the Player... Microsoft will release an update in the next 30 days," she added.

ZDNet's Dan Ilett contributed to this report

Add Comment Add comment  Printer Friendly Print story with   Email Story Email story  
In
Applications

Operating Systems

SOA/Web Services

Malware

Security Strategy


Reader Comments

"This week, the Redmond giant has changed its mind...
Anonymous

This is the second time that Microsoft have said a...
Craig

I tried it for the first time a week ago. My expe...
Anonymous

Click here to see all

Related Links

Microsoft offers Outlook subscription

Seven Longhorns to debut in May 2006?

Hotmail goes mobile in India

Microsoft Research lab opens in Bangalore

Apple struggles to fix critical glitch

  1. Zones
  2. Management
  3. Networks
  4. Software
  5. IT Services
  6. Hardware
  1. Verticals
  2. Public Sector
  3. Financial Services
  4. Retail & Leisure

Bob Tarzey Why you must rein in your power users When they do damage, it can be catastrophic to your business

Jon Collins Is losing a mobile device really such a big deal? How to minimise the damage to your business

Second iPhone worm: A botnet risk

Phishers set their sights on corporate accounts

Tax-refund phishing scams hit an all-time high

First critical Windows 7 patches released

Online fraudsters enlist Trojans to run off with your money


  • Jobs
IT Security Analyst - South

Must hold a current driving licence DESIRABLE Juniper SSL VPN RSA SecurID MailSweeper WSUS and patch management Ironport Web Content Filteringo ...

Telesales Manager - SaaS / Professional Services - 65k ote

Ideally with a background of selling professional services and software you will be someone who is capable of dealing with a diverse customer base ...

Communications Operational Engineer

A valid UK driving licence is required. So you must have the flexibility and resilience to participate in a 24-hour call out rota and work for ...

Agenda Setters 2009
Welcome to the ninth annual Agenda Setters poll – silicon.com's list of the top 50 most influential individuals in the technology and IT industries, from techies and CIOs to entrepreneurs and business leaders. Find out more in our latest special report.

CEO Dashboard Management: Why Creating Visual Reports You Can't Hide From Will Help...

Virtual Private Servers (VPS)

Looking for a fast payback? 10 Minutes with Free Tool Can Save Thousands

The Truth About Wasteful Spending on Software: How to Stop Giving Your Software Vendors...

Martin Brokers cashes in on back-up swap

VocaLink makes virtualisation pay

Sony Pictures sets sights on best IT Oscar

Co-op Group kicks "server sprawl" into touch

Arts Council gets tech troubleshooting boost

Torex tech treats Thorntons to quicker sales

Stories from the web...


Tesco Mobile to get a taste of Apple's iPhone

Marketing chiefs: Are you spamming your customers?

IT skills shortage squashed by recession?

Users tell SAP: 'We need to talk more'

Second iPhone worm: A botnet risk

Outsourcing: CIOs' tips on getting it right




Quick Sitemap Links: