SecurityTracker.com
Keep Track of the Latest Vulnerabilities
with SecurityTracker!
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


Try our Premium Alert Service
 
Sign Up
Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary
Instant Alerts
Buy our Premium Vulnerability Notification Service to receive customized, instant alerts
Affiliates
Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!
Partners
Become a Partner and License Our Database or Notification Service





Category:   Application (Multimedia)  >   Sony CD (Music) Vendors:   Sony
Sony Music CD Hides Files, Directories, Registry Entries, and Process Names Unrelated to the CD Software
SecurityTracker Alert ID:  1015145
SecurityTracker URL:  http://securitytracker.com/id/1015145
CVE Reference:   GENERIC-MAP-NOMATCH   (Links to External Site)
Updated:  Nov 5 2005
Original Entry Date:  Nov 3 2005
Impact:   Modification of system information
Fix Available:  Yes  Vendor Confirmed:  Yes  Exploit Included:  Yes  

Description:   A vulnerability was reported in copy protection software distributed with some Sony music CDs. Some system information not related to the product may be hidden by the protection.

Once installed, the software (reportedly developed by "First 4 Internet") hides all files, directories, Registry keys, and process names that begin with the string "$sys$". As a result, malicious software that uses that string value may be difficult to detect.

The vendor indicates that CDs containing the affected software are labeled "Content enhanced & protected."

An analysis of the software and its security related impact is available at:

http://www.sysinternals.com/blog/2005/10/sony-rootkits-and-digital-rights.html

Mark Russinovich of Sysinternals discovered this vulnerability.

Impact:   Software that uses files, directories, Registry keys, or process names that begin with the string "$sys$" may be difficult to detect.
Solution:   The vendor has issued a patch that removes the "cloaking" feature:

http://cp.sonybmg.com/xcp/english/updates.html

Vendor URL:  www.sonymusic.com/ (Links to External Site)
Cause:   State error
Underlying OS:  Windows (Any)

Message History:   None.


 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2018, SecurityGlobal.net LLC