/* Javascripts ----------------------------------------------- */ /* * * * * * * BODY * * * * * * * ----------------------------------------------- */

Note that the title of most blog entries provides a link to the relevant document.

Tuesday, November 15, 2005

Freedom to Tinker: Sony’s Web-Based Uninstaller Opens a Big Security Hole; Sony to Recall Discs

"Over the weekend a Finnish researcher named Muzzy noticed a potential vulnerability in the web-based uninstaller that Sony offers to users who want to remove the First4Internet XCP copy protection software. We took a detailed look at the software and discovered that it is indeed possible for an attacker to exploit this weakness. For affected users, this represents a far greater security risk than even the original Sony rootkit.

The consequences of the flaw are severe. It allows any web page you visit to download, install, and run any code it likes on your computer. Any web page can seize control of your computer; then it can do anything it likes. That’s about as serious as a security flaw can get.
"

[+/-] show/hide this post

1 Comments:

Anonymous Anonymous said...

Excellent, love it! »

2:36 PM  

Post a Comment

Links to this post:

Create a Link

<< Home