DRM Gone Bad: Microsoft Windows

September 28, 2010 -

Microsoft has been a strong proponent of digital rights management - especially in its windows operating system - but a recent report on PC World reveals an exploit that uses the very protections the company put in place against users. The exploit involves the msnetobj.dll library, an ActiveX Network Object. The msnetobj.dll library "is intended to prevent the owner of a computer from saving or viewing certain files except under limited circumstances, and to prevent the computer's owner from disabling" the library, according to BoingBoing.

Hackers have figured out that the library is useful for attacking computers. Apparently, the file is susceptible to three different attacks - denial of service, buffer overflow, and integer overflow. These attacks can be triggered when the user is lured to a malicious website set up to exploit the file's weakness. Once in, the site can then allow a hacker to run malicious software on the target machine.

Source PC World, Boing Boing

Posted in

Comments

Re: DRM Gone Bad: Microsoft Windows

When are they gonna phase out ActiveX? It's been nothing but a hole you could drive a tank through.

Re: DRM Gone Bad: Microsoft Windows

I doubt its as much as DRM gone bad but rather complete ineptitude on MSs part to build a easy to use functional rights system that is backed up by a online community. MS shat on it since they are to busy screwing up the 360.....


I have a dream, break the chains of copy right oppression! http://zippydsmlee.wordpress.com/2010/05/21/cigital-disobedience/


Copyright infringement is nothing more than civil disobedience to a bad set of laws. Let's renegotiate them.

---

http://zippydsm.deviantart.com/

Re: DRM Gone Bad: Microsoft Windows

Pretty much the word "ActiveX" is all the explanation anyone should need.

Re: DRM Gone Bad: Microsoft Windows

My first thought was "An ActiveX exploit? NO! That certainly would never happen!"

Re: DRM Gone Bad: Microsoft Windows

Wow, Microsoft better fix this up before shit hits the fan.

http://www.magicinkgaming.com/

Re: DRM Gone Bad: Microsoft Windows

I doubt they'll go out of cycle for this one; expect a patch on Tuesday the 12th.

 
Forgot your password?
Username :
Password :

Shout box

You're not permitted to post shouts.
Andrew EisenYikes. http://boingboing.net/2014/10/20/vultures-circle-gamergate.html10/20/2014 - 6:25pm
Neo_DrKefkaDestructoid Editor in Chief stepping down after allegations surface about blacklisting will he be next? http://allmannerofnerdery.tumblr.com/post/100526443850/im-leaving-destructoid10/20/2014 - 6:05pm
james_fudgethere's some inside baseball stuff going on in this Andrew - likely some stuff we don't know10/20/2014 - 3:30pm
E. Zachary KnightGreat musical video about online trolling. https://www.youtube.com/watch?v=_nS-QeM2ne810/20/2014 - 2:46pm
Andrew EisenBut again, this whole thing is just too damn vague to form an opinion on.10/20/2014 - 2:40pm
Andrew EisenWithout the original communication, it's impossible to say if it could honestly be misconstrued as a friendly suggestion rather than an employer directive. However, it appears that subsequent emails should have cleared up any doubt.10/20/2014 - 2:40pm
Andrew EisenThose aren't the owner's words, they're Chris Dahlen's. For what it's worth, we do see an email from Gonzalez stating "you've already broken the only rule we set for you!!!!!!!"10/20/2014 - 2:38pm
Michael ChandraSo really the guy's own words strike me as "wah! How dare you disagree with me!" behaviour, which is the sort of childish attitude I am unfortunately not surprised by.10/20/2014 - 2:17pm
Michael ChandraCorrect AE, but then again the owner's own words are about "wishes", not about an order. No "we told him not to", but going against his wishes.10/20/2014 - 2:16pm
Matthew Wilsonyup. sadly that has been true for awhile.10/20/2014 - 2:10pm
james_fudgewelcome to 2014 politics. Increasingly fought online10/20/2014 - 1:54pm
E. Zachary KnightIt is honestly a shame that anyone has to publicly state they are against such vile behavior, but that is the sad life we live.10/20/2014 - 1:46pm
E. Zachary KnightDecided to publicly reiterate my opposition to harassment campaigns. http://randomtower.com/2014/10/just-stop-with-the-harassment-and-bullying-campaigns-already/10/20/2014 - 1:45pm
Andrew EisenMichael Chandra - Unless I overlooked it, we haven't seen how the directive to not talk about whatever he wasn't supposed to talk about was phrased so it’s hard to say if it could have been misconstrued as a suggestion or not.10/20/2014 - 12:35pm
Andrew EisenHey, the second to last link is the relevant one! He actually did say "let them suffer." Although, he didn't say it to the other person he was bickering with.10/20/2014 - 12:29pm
Neo_DrKefkahttps://archive.today/F14zZ https://archive.today/SxFas https://archive.today/1upoI https://archive.today/0hu7i https://archive.today/NsPUC https://archive.today/fLTQv https://archive.today/Wpz8S10/20/2014 - 11:21am
Andrew EisenNeo_DrKefka - "Attacking"? Interesting choice of words. Also interesting that you quoted something that wasn't actually said. Leaving out a relevant link, are you?10/20/2014 - 11:04am
quiknkoldugh. I want to know why the hell Mozerella Sticks are 4 dollars at my works cafeteria...are they cooked in Truffle Oil?10/20/2014 - 10:41am
Neo_DrKefkaAnti-Gamergate supporter Robert Caruso attacks female GamerGate supporter by also attacking another cause she support which is the situation happening in Syia “LET SYRIANS SUFFER” https://archive.today/F14zZ https://archive.today/Wpz8S10/20/2014 - 10:18am
Neo_DrKefkaThat is correct in an At-Will state you or the employer can part ways at any time. However Florida also has laws on the books about "Wrongful combinations against workers" http://www.flsenate.gov/Laws/Statutes/2012/448.04510/20/2014 - 10:07am
 

Be Heard - Contact Your Politician