Sony rootkit removal leaves security holes

Nov 16, 2005
The more Sony tries to dig itself out of its DRM rootkit fiasco, the deeper the hole gets.

Security experts say the program that Sony released to remove the cloaked software (which it obnoxiously makes you register for) is instead leaving large holes in your PC, making it more vulnerable than before.

The uninstall program has a huge hole of its own: it doesn't make your PC confirm that downloaded code actually comes from Sony or First 4 Internet, the firm Sony hired to write the uninstall software. Instead, the code simply opens up your PC like a 7-11.

“The consequences of the flaw are severe,” wrote Princeton computer science professors in a blog posting Tuesday. “It allows any Web page you visit to download, install, and run any code it likes on your computer. Any Web page can seize control of your computer; then it can do anything it likes. That’s about as serious as a security flaw can get.”

