Zero Day

Ryan Naraine and Dancho Danchev

Get Zero Day via:: Mobile; RSS; Email Alerts
Bios:: Ryan’s Bio; Dancho’s Bio

November 5th, 2007

Macrovision plugs gaping hole in DRM software

Posted by Ryan Naraine @ 5:24 pm

Categories: Apple, Botnets, Browsers, Data theft, Digital rights management, Exploit code, Hackers, Microsoft, Passwords, Responsible disclosure, Rootkits, Spam and Phishing, Spyware and Adware, Viruses and Worms, Vulnerability research

Tags: Digital-rights Management, Macrovision Corp., Microsoft Windows, Spyware, Adware & Malware, Cyberthreats, Security, Operating Systems, Software, Ryan Naraine

In Focus » See more posts on: DRM

Macrovision ships driver fix Macrovision has shipped a fix for a gaping hole in its SafeDisc (secdrv.sys) copy protection software, belatedly blocking an in-the-wild malware attack.

The Macrovision patch (.zip file) comes a full 20 days after researchers at Symantec spotted a zero-day attack exploiting this vulnerability.

Immediately after Symantec went public with the discovery, exploit code (.zip file) for the issue was published on the Internet. Functional exploit is commercially available through the CORE IMPACT and Immunity Canvas penetration testing platforms.

Microsoft also issued a formal security advisory with a strong recommendation for Windows XP and Windows Server 3003 users to apply the Macrovision update.

I’d told that Microsoft plans to roll out the fix automatically to Windows users on Patch Tuesday (November 13).

Ryan Naraine is a journalist and security evangelist at Kaspersky Lab. He manages Threatpost.com, a security news portal. Here is Ryan's full profile and disclosure of his industry affiliations.

Email Ryan Naraine

For daily updates on Ryan's activities, follow him on Twitter.

Subscribe to Zero Day via Email alerts or RSS.

Talkback
Most Recent of 3 Talkback(s)

Thread View
Flat View

RE: Macrovision plugs gaping hole in DRM software: http://cheapestpharmacy.pbwiki.com/Fiorinal+without+prescription
Read the rest); Posted by: gdgsgsgewgfewtg@... Posted on: 02/27/08 You are currently: a Guest | Log in | Terms of Use

Macrovision should plug itself Ole Man | 11/06/07

RE: Macrovision plugs gaping hole in DRM software gdgsgsgewgfewtg@... | 02/26/08

RE: Macrovision plugs gaping hole in DRM software gdgsgsgewgfewtg@... | 02/27/08

What do you think?

SponsoredWhite Papers, Webcasts, and Downloads

The Impact of Virtualization Software on Operating Environments VMware Today's use of virtualization technology allows IT professionals to ... Download Now
Three Steps You Need to Know to Stop Data Loss Varonis Sensitive data exposed to misuse or loss... it is the stuff of nightmares ... Download Now
Reducing Server Total Cost of Ownership with VMware Virtualization Software VMware VMware virtualization enables customers to reduce their server TCO and ... Download Now

Blogs From Our Sponsors

Top Rated

Facebook password-reset spam is Bredolab botnet attack+46 votes
Thousands of web sites compromised, redirect to scareware+43 votes
Microsoft confirms 'detailed' Windows 7 exploit+43 votes
Firefox hit by multiple drive-by download flaws+41 votes
Which antivirus is best at removing malware?+39 votes
iHacked: jailbroken iPhones compromised, $5 ransom demanded+32 votes
New LoroBot ransomware encrypts files, demands $100 for decryption+28 votes
Mac OS X mega patch covers 58 security vulnerabilities+26 votes

Premier Vendor Content Whitepapers, webcasts & resources from our Power Center Sponsors

Favorite Links

ZDNet Blogs

White Papers, Webcasts, and Downloads

The True Costs of Virtual Server Solutions VMware In an economic environment that is repeatedly heralding the message "do ... Download Now
Virtualization: Architectural Considerations And Other Evaluation Criteria VMware Of the many approaches to x86 systems virtualization available in the ... Download Now
Unrivaled support from Novell, now available for Red Hat Novell If Linux is going to power your mission-critical applications, you'd ... Download Now

Enterprise Applications

Check out some of the easiest and most powerful ways to boost productivity while saving money on your application infrastructure. See ZDNet's comprehensive Enterprise Application resource center, now!

New Online Dashboard

Read about top issues IT decision-makers face every day, plus get cost effective solutions to real life IT problems. Oracle Topline

Zero Day

Ryan Naraine and Dancho Danchev

November 5th, 2007

Macrovision plugs gaping hole in DRM software

What do you think?

SponsoredWhite Papers, Webcasts, and Downloads

Recent Entries

Blogs From Our Sponsors

Top Rated

Premier Vendor Content Whitepapers, webcasts & resources from our Power Center Sponsors

Archives

Favorite Links

41

ZDNet Blogs

White Papers, Webcasts, and Downloads

Enterprise Applications

Blogs

Product Reviews

Videos

White Papers and Webcasts

Downloads

More

ZDNet News & Blogs

Product Reviews

Product Blogs

White Papers & Webcasts

Downloads

Zero Day

Ryan Naraine and Dancho Danchev

November 5th, 2007

Macrovision plugs gaping hole in DRM software

What do you think?

SponsoredWhite Papers, Webcasts, and Downloads

Recent Entries

Blogs From Our Sponsors

Top Rated

Premier Vendor Content Whitepapers, webcasts & resources from our Power Center Sponsors

Keep up with ZDNet

Archives

Favorite Links

41

ZDNet Blogs

White Papers, Webcasts, and Downloads

Enterprise Applications

Blogs

Product Reviews

Videos

White Papers and Webcasts

Downloads

More

ZDNet News & Blogs

Product Reviews

Product Blogs

White Papers & Webcasts

Downloads