DRM Gone Bad: Microsoft Windows

September 27, 2010

Microsoft has been a strong proponent of digital rights management - especially in its windows operating system - but a recent report on PC World reveals an exploit that uses the very protections the company put in place against users. The exploit involves the msnetobj.dll library, an ActiveX Network Object. The msnetobj.dll library "is intended to prevent the owner of a computer from saving or viewing certain files except under limited circumstances, and to prevent the computer's owner from disabling" the library, according to BoingBoing.

Hackers have figured out that the library is useful for attacking computers. Apparently, the file is susceptible to three different attacks - denial of service, buffer overflow, and integer overflow. These attacks can be triggered when the user is lured to a malicious website set up to exploit the file's weakness. Once in, the site can then allow a hacker to run malicious software on the target machine.

Source PC World, Boing Boing

Posted in DRM Win

Comments

Re: DRM Gone Bad: Microsoft Windows

Submitted by CyberSkull on Sun, 10/03/2010 - 21:51.

When are they gonna phase out ActiveX? It's been nothing but a hole you could drive a tank through.

Re: DRM Gone Bad: Microsoft Windows

Submitted by ZippyDSMlee on Tue, 09/28/2010 - 09:51.

I doubt its as much as DRM gone bad but rather complete ineptitude on MSs part to build a easy to use functional rights system that is backed up by a online community. MS shat on it since they are to busy screwing up the 360.....

I have a dream, break the chains of copy right oppression! http://zippydsmlee.wordpress.com/2010/05/21/cigital-disobedience/

I have a dream, break the chains of copy right oppression! http://zippydsmlee.wordpress.com/2011/12/31/what-is-cigital-disobedience/

Re: DRM Gone Bad: Microsoft Windows

Submitted by Thad on Tue, 09/28/2010 - 00:52.

Pretty much the word "ActiveX" is all the explanation anyone should need.

Re: DRM Gone Bad: Microsoft Windows

Submitted by KyleJCrb on Tue, 09/28/2010 - 01:09.

My first thought was "An ActiveX exploit? NO! That certainly would never happen!"

Re: DRM Gone Bad: Microsoft Windows

Submitted by killatia on Tue, 09/28/2010 - 00:09.

Wow, Microsoft better fix this up before shit hits the fan.

http://www.magicinkgaming.com/

Re: DRM Gone Bad: Microsoft Windows

Submitted by Thad on Tue, 09/28/2010 - 00:54.

I doubt they'll go out of cycle for this one; expect a patch on Tuesday the 12th.

Shout box

tallimar: http://news.cnet.com/8301-1035_3-57440902-94/microsoft-legal-win-over-google-may-signal-ceasefire/05/24/2012 - 10:17pm

ZippyDSMlee: TIme or an operation!05/24/2012 - 6:43pm

ZippyDSMlee: PC parts are in wish me luck or hell!!05/24/2012 - 6:43pm

MaskedPixelante: 38 Studios and Big Huge Games are pretty much dead now. http://www.joystiq.com/2012/05/24/38-studios-and-big-huge-games-lay-off-entire-staffs05/24/2012 - 4:39pm

DorthLous: Actually, nop, I did miss the emoticon for some reason (getting used to pics?) and I didn't know you changed it since (since I posted previous to my shout and it was still there.) Anyhow, thanks for taking it out!05/23/2012 - 6:01pm

james_fudge: Well we were just testing it. but it is still on the submission to fight $pam.05/23/2012 - 5:48pm

E. Zachary Knight: James, No I don't have it. I was just wondering who does and why. More curiosity than anything.05/23/2012 - 5:38pm

james_fudge: Did you not see the emoticon and did you not see that it has already been changed back?05/23/2012 - 5:10pm

james_fudge: LOL05/23/2012 - 5:07pm

DorthLous: Why? Not shocked that people are barking to an additional hoop to jump through when posting from their already logged in account or just mentionning this to try to paint me as one always complaining?05/23/2012 - 4:45pm

james_fudge: big shock there ;)05/23/2012 - 4:30pm

DorthLous: I'll add my voice to those wanting it gone :S I'm already logged in, I don't need a captch'a. That's for those registering.05/23/2012 - 3:54pm

james_fudge: Et tu EZK?!?05/23/2012 - 3:51pm

Craig R.: I'm a One Man Quorum! And it's working for me now, thanks. :)05/23/2012 - 3:48pm

E. Zachary Knight: How do we determine who get's the game/captcha thingy? Is there a certain posting threshhold users have to meet before it is turned off?05/23/2012 - 2:25pm

james_fudge: Give it a chance, we're still adjusting it ;)05/23/2012 - 11:20am

james_fudge: One does not a Quorum make Craig.05/23/2012 - 11:16am

Craig R.: If I complete the stupid game, and it just deletes my comment, what's the point?05/23/2012 - 11:15am

Craig R.: Ok, the little captcha game? You can get rid of it already.05/23/2012 - 11:13am

Craig R.: FCC boss is giving the thumbs up to usage-based pricing for Internet access05/23/2012 - 11:08am

All shouts

<< Return To Top

Forgot your password?
Username :
Password :