DRM Gone Bad: Microsoft Windows

September 28, 2010 -

Microsoft has been a strong proponent of digital rights management - especially in its windows operating system - but a recent report on PC World reveals an exploit that uses the very protections the company put in place against users. The exploit involves the msnetobj.dll library, an ActiveX Network Object. The msnetobj.dll library "is intended to prevent the owner of a computer from saving or viewing certain files except under limited circumstances, and to prevent the computer's owner from disabling" the library, according to BoingBoing.

Hackers have figured out that the library is useful for attacking computers. Apparently, the file is susceptible to three different attacks - denial of service, buffer overflow, and integer overflow. These attacks can be triggered when the user is lured to a malicious website set up to exploit the file's weakness. Once in, the site can then allow a hacker to run malicious software on the target machine.

Source PC World, Boing Boing

Posted in

Comments

Re: DRM Gone Bad: Microsoft Windows

When are they gonna phase out ActiveX? It's been nothing but a hole you could drive a tank through.

Re: DRM Gone Bad: Microsoft Windows

I doubt its as much as DRM gone bad but rather complete ineptitude on MSs part to build a easy to use functional rights system that is backed up by a online community. MS shat on it since they are to busy screwing up the 360.....


I have a dream, break the chains of copy right oppression! http://zippydsmlee.wordpress.com/2010/05/21/cigital-disobedience/


Copyright infringement is nothing more than civil disobedience to a bad set of laws. Let's renegotiate them.

---

http://zippydsm.deviantart.com/

Re: DRM Gone Bad: Microsoft Windows

Pretty much the word "ActiveX" is all the explanation anyone should need.

Re: DRM Gone Bad: Microsoft Windows

My first thought was "An ActiveX exploit? NO! That certainly would never happen!"

Re: DRM Gone Bad: Microsoft Windows

Wow, Microsoft better fix this up before shit hits the fan.

http://www.magicinkgaming.com/

Re: DRM Gone Bad: Microsoft Windows

I doubt they'll go out of cycle for this one; expect a patch on Tuesday the 12th.

 
Forgot your password?
Username :
Password :

Shout box

You're not permitted to post shouts.
prh99Just replace cinematic with the appropriate synonym for poo and you'll have gist of any press release.03/02/2015 - 5:34pm
PHX Corphttps://www.youtube.com/watch?v=vZQDFO2KEPo Jim Sterling Makes Fun of "Cinematic" Gaming03/02/2015 - 3:39pm
Matthew WilsonWOW is copping EVE. http://us.battle.net/wow/en/blog/18141101/introducing-the-wow-token-3-2-2015 I think its a smart move to deal with gold farmers in this way.03/02/2015 - 1:16pm
Matthew WilsonI guess epic is tired of having their lunch eaten by unity. https://www.unrealengine.com/blog/ue4-is-free03/02/2015 - 12:50pm
Andrew EisenNot much to follow. Kern is being silly and... nothing much else is happening.03/02/2015 - 11:40am
Papa MidnightI ask because, having only just heard of it, I have not, and I was hoping for some insight.03/02/2015 - 11:39am
Papa MidnightHas anyone been following this petition by Mark Kern regarding Kotaku, Polygon, and VG247? https://www.change.org/p/kotaku-lead-the-way-in-healing-the-rift-in-video-games03/02/2015 - 11:38am
ZippyDSMleePaypal shuts down Mega's payment system. https://torrentfreak.com/under-u-s-pressure-paypal-nukes-mega-for-encrypting-files-150227/03/01/2015 - 3:25pm
Matthew Wilsonvalvle planning to release a vr headset this year wtf http://www.pcgamer.com/valves-vr-headset-is-named-vive-and-htc-are-making-it/03/01/2015 - 1:05pm
ZippyDSMleeuuuhhhggg in other news been sick since last night.....uuhggg.....I iwsh it did not hurt so much when my tummy wants to leave my body..02/28/2015 - 11:39pm
ZippyDSMleeBrings me to the Q why alt costumes would be needed in competition anyway... http://www.eventhubs.com/news/2015/feb/28/dead-or-alive-community-aims-ban-over-120-overly-sexualized-costumes-dead-or-alive-5-last-round/02/28/2015 - 11:36pm
MonteThough from a business side, i would agree with the article. While it would be smarter for developers to slow down, you can't expect EA, Activision or ubisoft to do something like that. Nintnedo's gotta get the third party back.02/28/2015 - 4:36pm
MonteThough it does also help that nintendo's more colorful style is a lot less reliant on graphics than more realistic games. Wind Waker is over 10 years old and still looks good for its age.02/28/2015 - 4:33pm
MonteWith the Wii, nintnedo had the right idea. Hold back on shiny graphics and focus on the gameplay experience. Unfortunatly everyone else keeps pushing for newer graphics and it matters less and less each generation. I can barely notice the difference02/28/2015 - 4:29pm
MonteON third party developers; i kinda think they should slow down to nintendo's pace. They bemoan the rising costs of AAA gaming, but then constantly push for the best graphics which is makes up a lot of those costs. Be easier to afford if they held back02/28/2015 - 4:27pm
Matthew Wilsonhttp://www.forbes.com/sites/insertcoin/2015/02/28/the-world-is-nintendos-if-only-theyd-take-it/ I think this is a interesting op-ed, but yeah it kind of is stating the obvious.02/28/2015 - 2:52pm
prh99The government probably doesn't need an app, but I was think more along the lines of a company that was going to sell the collected info. “If you're not paying for the product, you are the product” sometimes even if you pay.02/28/2015 - 1:50pm
E. Zachary KnightWhat better way for the government to keep track of you than to get you to install an app that lets you insult the government.02/28/2015 - 11:03am
prh99No, but I looked it up and it's basically spyware. Their privacy policy says their apps tracks among other things your location and browsing habits via cookies.02/28/2015 - 8:20am
Ryan RardinHas anyone here heard of an app called iCitizen? It's basically Yelp for politicians.02/28/2015 - 5:16am
 

Be Heard - Contact Your Politician