Sony BMG Fixes Security Flaw in SunnComm DRM Software

By Michael Santo
Contributing Writer, RealTechNews

Yes, it’s that’s same SunnComm MediaMax copy protection we discussed earlier, which installs itself even if you say “no”. In this case there was a security vulnerability discovered by a security firm, iSec Partners, working with the Electronic Frontier Foundation (EFF). The vulnerability was not announced until today, when a patch was available from Sony. Apparently the software installs a file folder in the computer that could allow a guest user to gain unauthorized access to the computer.

Sony said another security company, NGS Software, has tested the patch and certified that it addresses the vulnerability.

The patch can be downloaded from Sony’s site. A list of the CDs affected in the United States, and a slightly different list in Canada, is also posted on the site.

Sony said it will notify customers though a banner advertisement directly in the SunnComm software, as well as through an Internet advertising campaign. Source: News.com

We Say: I doubt anyone could have scripted a Keystone Cops comedy that’s been as much of a fiasco as the DRM news that has trailed Sony BMG since early November. It is also unclear if this fixes the installation problem indicated in my prior article.