DRM Gone Bad: Microsoft Windows

September 28, 2010 -

Microsoft has been a strong proponent of digital rights management - especially in its windows operating system - but a recent report on PC World reveals an exploit that uses the very protections the company put in place against users. The exploit involves the msnetobj.dll library, an ActiveX Network Object. The msnetobj.dll library "is intended to prevent the owner of a computer from saving or viewing certain files except under limited circumstances, and to prevent the computer's owner from disabling" the library, according to BoingBoing.

Hackers have figured out that the library is useful for attacking computers. Apparently, the file is susceptible to three different attacks - denial of service, buffer overflow, and integer overflow. These attacks can be triggered when the user is lured to a malicious website set up to exploit the file's weakness. Once in, the site can then allow a hacker to run malicious software on the target machine.

Source PC World, Boing Boing

Posted in

Comments

Re: DRM Gone Bad: Microsoft Windows

When are they gonna phase out ActiveX? It's been nothing but a hole you could drive a tank through.

Re: DRM Gone Bad: Microsoft Windows

I doubt its as much as DRM gone bad but rather complete ineptitude on MSs part to build a easy to use functional rights system that is backed up by a online community. MS shat on it since they are to busy screwing up the 360.....


I have a dream, break the chains of copy right oppression! http://zippydsmlee.wordpress.com/2010/05/21/cigital-disobedience/


Copyright infringement is nothing more than civil disobedience to a bad set of laws. Let's renegotiate them.

---

http://zippydsm.deviantart.com/

Re: DRM Gone Bad: Microsoft Windows

Pretty much the word "ActiveX" is all the explanation anyone should need.

Re: DRM Gone Bad: Microsoft Windows

My first thought was "An ActiveX exploit? NO! That certainly would never happen!"

Re: DRM Gone Bad: Microsoft Windows

Wow, Microsoft better fix this up before shit hits the fan.

http://www.magicinkgaming.com/

Re: DRM Gone Bad: Microsoft Windows

I doubt they'll go out of cycle for this one; expect a patch on Tuesday the 12th.

 
Forgot your password?
Username :
Password :

Poll

Did Microsoft pay too much ($2.5 billion) for Minecraft developer Mojang?:

Shout box

You're not permitted to post shouts.
Michael ChandraI forget what it is exactly, but there already is another hashtag that some use, exactly to separate themselves from the abusive behaviour. So don't bother lying to me.09/19/2014 - 7:06am
quiknkold2 to 3 or more09/19/2014 - 6:53am
quiknkoldMichael Chandra : I'll say this. The only reason they havent used another hashtag is because it would look like a form of dividing the arguement. Using another Hashtag has come up, and they feel like if they made a new hashtag, it'll split the debate from09/19/2014 - 6:53am
Michael ChandraYou want a debate? Build a wall between you and the poisoned well. Make clear you despise it, despise the behaviour. Then get into the other issues you are troubled with, and don't say a single word again about the poisoned well.09/19/2014 - 3:46am
Michael ChandraAnd someone claiming #notyourshield was to be taken serious, when chatlogs show they wanted it going to hide even more harassment behind? Yeah, not buying a word you're saying. You poisoned your own well.09/19/2014 - 3:45am
Michael Chandraallegedly fired over giving a game a mediocre review and the company threatened to pull ads? Sorry but I ain't buying this.09/19/2014 - 3:45am
Michael ChandraBut people arguing this is horrible and just about ethics, even though there's very little support that journalistic integrity was actually violated here, while they never spoke up when a journalist was09/19/2014 - 3:43am
Michael ChandraIf people start with condemning the way GamersGate was used as a misdirection, then use a better hashtag, that would work in convincing me they mean it.09/19/2014 - 3:43am
Andrew EisenOoo, this one came down to the wire! https://www.kickstarter.com/projects/749082525/nefarious09/19/2014 - 1:03am
Andrew EisenI don't doubt that many are truly interested in journalistic integrity. The problem I'm often seeing is they seem to have no idea how or where to talk about it.09/18/2014 - 11:46pm
Andrew EisenDidn't word that well. Busy at work. I've seen people claim that GamerGate is solely about ethics and transparency in games journalism and then go on to show that what they're really after is silencing those who talk about gender issues in games.09/18/2014 - 11:45pm
Kronodebate. Becaus apparently people who only post on Reddit are supposed to police twitter before they're allowed to question anything about the people involved.09/18/2014 - 10:40pm
KronoI highly doubt many, if any are using journalistic integrity as a cover for harassment. The people harassing are essentially trolls. They aren't interested in subtle. More often it's othe other way around. People use "but X is being harassed" to shut down09/18/2014 - 10:38pm
Andrew EisenAnd exacerbating everything is the fact that all the cries of ethics violations have been obnoxious and easily proven false.09/18/2014 - 8:59pm
Andrew EisenProblem is, I would imagine, the sheer number of people who are using journalistic integrity as a cover for their harassing actions or only bringing it up on the false pretense of journalistic integrity.09/18/2014 - 8:47pm
Andrew EisenHaving said that, I can certainly see how one would be frustrated if they truly just wanted to talk about journalistic integrity and someone said they were one of the people harassing Sarkeesian, Quinn and others (though I've seen no examples of that).09/18/2014 - 8:44pm
KronoThat's been the common refrain, that talk of journalism ethics is just an excuse to harass people.09/18/2014 - 8:44pm
KronoLines like "like a partial compromise with the howling trolls who’ve latched onto ‘ethics’ as the latest flag in their onslaught against evolution and inclusion." are taring everyone questioning the ethics as a harasser.09/18/2014 - 8:43pm
Andrew EisenKrono - Except, none of the articles were talking about gamers complaining about journalist ethics, let alone called them white male misogynists. They were talking about the gamers who were harassing others.09/18/2014 - 8:36pm
Kronomakes plenty of sense. It's rather hard to dismiss someone as a white guy running a sock puppet when they've posted proof they're a woman, or black, or another minority.09/18/2014 - 8:32pm
 

Be Heard - Contact Your Politician