Guess What? That Latest Sony BMG Patch? It's Vulnerable Too
from the shut-the-window-open-the-door dept
The incompetency of Sony BMG is reaching previously unfathomable heights. Yesterday we wrote about the latest patch the company had issued to fix a security hole in the SunnComm MediaMax copy-protection software its CDs load onto people's computers. Surprise surprise -- the patch closes one hole and opens another. Ed Felten and Alex Halderman say the supposed fix features the same kind of vulnerability as the one it's intended to remedy, only slightly modified. Again, the CDs featuring this
malware copy protection haven't been recalled, unlike the Sony BMGs behind the separate rootkit fiasco. It's hard to have much trust in the company when its fixes are just as bad as the initial problem.