Joris Evers
CNET News.com
November 13, 2005, 11:15 GMT
Security tools within Windows will soon seek out and destroy the rootkit-like component of Sony's CD copy-restriction software
Microsoft will update its security tools to detect and remove part of the copy protection tools installed on PCs when some Sony music CDs are played.
The software maker has determined that the "rootkit" piece of the XCP software on some Sony BMG Music Entertainment CDs can pose a security risk to Windows PCs, according to a posting on Saturday to a Microsoft corporate Web log.
The Sony BMG software installs itself deeply inside a hard drive when a CD is played on a PC. The technology uses rootkit techniques to hide itself. Experts blasted the cloaking mechanism, saying it could be abused by virus writers. The first remote-control Trojan horses that take advantage of the veil provided by Sony BMG have surfaced.
SonyBMG's practice of installing rootkits on the PCs of some of its customers without telling them is:
Reckless - rootkits are a security risk
Unethical - the licence gives no indication that a rootkit is being installed
Paranoid - this is taking copyright protection too far
All of the above
None of the above - SonyBMG is quite within its rights
To protect Windows users, Microsoft plans to update Windows AntiSpyware and the Malicious Software Removal Tool as well as the online scanner on Windows Live Safety Center to detect and remove the Sony BMG software, the software maker said in its blog.
Windows AntiSpyware is Microsoft's spyware-fighting software that is currently available as a test version and used by millions of people worldwide. Microsoft provides weekly updates for Windows AntiSpyware. The Windows Malicious Software Removal Tool is updated monthly and is part of Microsoft's monthly patch releases.
Detection and removal of the rootkit component will also be in Windows Defender, the forthcoming update to Windows AntiSpyware that will also be part of Windows XP successor Windows Vista, Microsoft said.
In its move to detect and remove the Sony BMG rootkit, Microsoft follows other makers of security software. Symantec and Computer Associates are among those that offer at minimum detection capabilities in their products. Sony BMG itself has also provided a patch to fix the security problem and still allow CDs to be played on PCs.
On Friday, Sony said it had halted production of CDs with the controversial technology, which is designed to limit the number of copies that can be made of the CD and to prevent a computer user from making unprotected MP3s of the music. Sony does still produce CDs that use a different copy protection scheme.
Representatives of Microsoft UK privately expressed concern last week that the storm of protest over Sony's actions was damaging the public image of digital rights management.
http://news.zdnet.co.uk/internet/security/0,39020375,39236971,00.htm
Topic: Microsoft to delete Sony DRM 'rootkit' (Read 1012 times)