DRM Gone Bad: Microsoft Windows

September 28, 2010

Microsoft has been a strong proponent of digital rights management - especially in its windows operating system - but a recent report on PC World reveals an exploit that uses the very protections the company put in place against users. The exploit involves the msnetobj.dll library, an ActiveX Network Object. The msnetobj.dll library "is intended to prevent the owner of a computer from saving or viewing certain files except under limited circumstances, and to prevent the computer's owner from disabling" the library, according to BoingBoing.

Hackers have figured out that the library is useful for attacking computers. Apparently, the file is susceptible to three different attacks - denial of service, buffer overflow, and integer overflow. These attacks can be triggered when the user is lured to a malicious website set up to exploit the file's weakness. Once in, the site can then allow a hacker to run malicious software on the target machine.

Source PC World, Boing Boing

Posted in

Comments

Re: DRM Gone Bad: Microsoft Windows

Submitted by CyberSkull on Sun, 10/03/2010 - 20:51.

When are they gonna phase out ActiveX? It's been nothing but a hole you could drive a tank through.

Re: DRM Gone Bad: Microsoft Windows

Submitted by ZippyDSMlee on Tue, 09/28/2010 - 08:51.

I doubt its as much as DRM gone bad but rather complete ineptitude on MSs part to build a easy to use functional rights system that is backed up by a online community. MS shat on it since they are to busy screwing up the 360.....

I have a dream, break the chains of copy right oppression! http://zippydsmlee.wordpress.com/2010/05/21/cigital-disobedience/

---

http://zippydsm.deviantart.com/

Re: DRM Gone Bad: Microsoft Windows

Submitted by Thad on Mon, 09/27/2010 - 23:52.

Pretty much the word "ActiveX" is all the explanation anyone should need.

Re: DRM Gone Bad: Microsoft Windows

Submitted by KyleJCrb on Tue, 09/28/2010 - 00:09.

My first thought was "An ActiveX exploit? NO! That certainly would never happen!"

Re: DRM Gone Bad: Microsoft Windows

Submitted by killatia on Mon, 09/27/2010 - 23:09.

Wow, Microsoft better fix this up before shit hits the fan.

http://www.magicinkgaming.com/

Re: DRM Gone Bad: Microsoft Windows

Submitted by Thad on Mon, 09/27/2010 - 23:54.

I doubt they'll go out of cycle for this one; expect a patch on Tuesday the 12th.

Shout box

Cecil475: @PHX Corp - The dude's a moron who wouldn't know crap if it came up and kicked him.05/19/2013 - 6:36am

PHX Corp: http://kotaku.com/ea-sports-developer-calls-wii-u-crap-and-nintendo-wa-508481261 EA Sports Canada Moron calls Wii U 'Crap' and Nintendo 'Walking Dead'05/18/2013 - 11:42am

E. Zachary Knight: If the videos are of sufficient quality that people subscribe and watch regularly, then those let's players are providing a service that people want. That is the heart of capitalism. That is not something that should be shamed.05/17/2013 - 8:06am

E. Zachary Knight: I have no idea who either of those people are. However, I still don't see why making a business out of creating let's play videos is somehow evil or wrong.05/17/2013 - 8:04am

MaskedPixelante: It sure is if you're just doing it for the money. See Tobuscus and/or Pewdiepie for what happens when people get into it just for the money.05/17/2013 - 7:30am

E. Zachary Knight: Why is it wrong to make money doing LPs? Why should that be something that should be shamed?05/17/2013 - 6:20am

MaskedPixelante: https://twitter.com/PsychedelicSA/status/335183893214924801 Now here's an interesting, glass half full thought about the Nintendo LP thing. It outs the people who are just doing LPs to make money.05/17/2013 - 5:56am

E. Zachary Knight: I responded in writing to all this "let's play" stuff Nintendo Started. No need for my permission, I won't give it. It's not mine to give. http://divineknightgaming.com/?p=29205/16/2013 - 2:21pm

E. Zachary Knight: Lars Doucet of Levelup Labs has a Reddit going on game companies that allow monetization of Let's Play videos. http://www.reddit.com/r/Games/comments/1egayn/lets_build_a_list_of_game_studios_that_allow/05/16/2013 - 1:04pm

Sleaker: @Imautobot - yah I wouldn't use an emulator as a good first run test of how stable the console is, haha.05/16/2013 - 11:47am

E. Zachary Knight: The 50th person to jump off a bridge is just as dumb if not dumber than the 1st.05/16/2013 - 10:03am

MaskedPixelante: Yeah, let's all jump on Nintendo for doing this, even though they're hardly the first company to do this...05/16/2013 - 9:47am

E. Zachary Knight: Wow Nintendo, this is wrong. http://kotaku.com/nintendo-forcing-ads-on-some-youtube-lets-play-video-50709238305/16/2013 - 8:44am

Imautobot: @Sleaker, further gameplay has revealed that the controller button do stick under the faceplate. Also, The NES emulator (Emuya)keeps crashing on me, though I think a bad ROM is causing it.05/16/2013 - 7:10am

Papa Midnight: AE: I wonder if any other publishers will follow suit.05/15/2013 - 8:12pm

Andrew Eisen: EA is ditching Online Pass. http://venturebeat.com/2013/05/15/ea-kills-its-controversial-online-pass-program/05/15/2013 - 7:20pm

Avalongod: @Zach and quicnkold...I've read the bill and the intent of it is to fear-monger. It's not a balanced message. I don't recall the ESRB being mentioned at all. It's more "keeps your kids away from these movies/games or they'll become violent"05/15/2013 - 4:35pm

E. Zachary Knight: quiknkold, The big problem with that legislation is the amount of misinformation out there. Who is going to ensure that the information in the pamphlet is accurate?05/15/2013 - 3:25pm

quiknkold: REBeardogg : I'm on the fence about this. on one side, I want parents to be aware of the ESRB, and even Movie Ratings. On the other hand, I feel this will be used for nothing but Propaganda. The ESRB does a good job.05/15/2013 - 3:07pm

IanC: Frostbite is coming out on iOS devices. Yet the Wii U cant handle it? *coughbullshitcough*05/15/2013 - 2:31pm

All shouts

<< Return To Top

Forgot your password?
Username :
Password :