November 13, 2005 12:15 AM PST

Microsoft will wipe Sony's 'rootkit'

Microsoft will update its security tools to detect and remove part of the copy protection tools installed on PCs when some music CDs are played.

The Redmond, Wash., software maker has determined that the "rootkit" piece of the XCP software on some Sony BMG Music Entertainment CDs can pose a security risk to Windows PCs, according to a posting Saturday to a Microsoft corporate Web log.

The Sony BMG software installs itself deeply inside a hard drive when a CD is played on a PC. The technology uses rootkit techniques to hide itself. Experts blasted the cloaking mechanism, saying it could be abused by virus writers. The first remote-control Trojan horses that take advantage of the veil provided by Sony BMG have surfaced.

To protect Windows users, Microsoft plans to update Windows AntiSpyware and the Malicious Software Removal Tool as well as the online scanner on Windows Live Safety Center to detect and remove the Sony BMG software, the software maker said in its blog.

Reader response
What should Sony do?
Debate how the debacle will
affect the label's policies.

Windows AntiSpyware is Microsoft's spyware-fighting software that is currently available as a test version and used by millions of people worldwide. Microsoft provides weekly updates for Windows AntiSpyware. The Windows Malicious Software Removal Tool is updated monthly and is part of Microsoft's monthly patch releases.

Detection and removal of the rootkit component will also be in Windows Defender, the forthcoming update to Windows AntiSpyware that will also be part of Windows XP successor Windows Vista, Microsoft said.

In its move to detect and remove the Sony BMG rootkit, Microsoft follows other makers of security software. Symantec and Computer Associates are among those that are offering, at minimum, rootkit detection capabilities in their products. Sony BMG itself has provided a patch that fixes the security problem and still allows CDs to be played on PCs.

On Friday, Sony said it had halted production of CDs with the controversial technology, which is designed to limit the number of copies that can be made of the CD and to prevent a computer user from making unprotected MP3s of the music. Sony does still produce CDs that use a different copy protection scheme.

85 comments

Join the conversation!
Add your comment
Goodbye Sony
Let us hope , now that M$ has moved to protect it's core operating system, from SONY's unwanted cloaked clunky junk DRM illegal invasionware, which causes BSoD! Let us hope that M$ sends in the legal suits to toast SONY & F4i, for billions on another front, now that would be a fine sight to behold! In the interim, I hope future sales of the new XBOX 360, totally crushes PS3, from the consumer backlash against SONY!
Posted by heystoopid (691 comments )
Reply Link Flag
DEATH! To Sony
I Agree with you 100%

I to will never trust Sony again!

And I work for a major Retail chain, I am stearing all customers away from the PS3 and telling em to get a xbox 360 on NOV 22nd.
Posted by Migraine (95 comments )
Link Flag
Will you buy Blu-Ray?
Will you trust the Blu-Ray discs, who knows what kind of rootkit will be on those discs? This is a big fiasco for Sony at the worst possible time. Something tells me that those Blu-Ray discs will have a hard time playing on windows PC's when they come out. Now MS can say they are protecting the OS and basically shutting Sony out.

<a class="jive-link-external" href="http://sqlservercode.blogspot.com/" target="_newWindow">http://sqlservercode.blogspot.com/</a>
Posted by SqlserverCode (165 comments )
Reply Link Flag
In the format war, Sony loses every time
First it was Betamax, then Mini Disc. Now they're trying to get UMD and Blu-ray down our throats. While UMD has some usefulness in the PSP portable, there's no reason for Blu-ray to exist. Its lack of relevance to the existing DVD format will separate it in consumers' minds, causing confusion. HD-DVD indicates an improvement over the existing DVD format while capitalizing on the well-known "HD" abbreviation that is synonymous with HDTVs. When will Sony ever learn?
Posted by omaryak (59 comments )
Link Flag
Well Sony doesnt have to worry about that!
No need for rootkits. In its very nature, Sony has made sure that fair use will be nonexistent with Blu Ray.
Posted by jjesusfreak01 (83 comments )
Link Flag
I agree and also
U can be sure those Blu-Ray discs won't work on Macs or Linux machines. The Sony CD's don't work well now (if at all).
Posted by Chevaliermusic (72 comments )
Link Flag
blue-ray
i will not buy any sony products ever again i just happend to stumble on the sony lawsute ....????? WHY DO YOU NOT HERE THIS ON TV ??? ALSO WHAT IS THIS BLUE RAY **** THERE ARE PEOPLE IN THE WORLD THAT HAVE NOT EVEN WENT TO DVD YEAT NOW THEY ARE TALKING ABOUT THIS **** SO NOW FOR THE PAST 5 OR MORE YEARS THAT I HAVE BEEN BUYING DVD'S AFTER 2007 THEY WILL BE DOING AWAY WITH THEM AND GOING TO THIS BLUE RAY **** WHERE IS EVERY ONES HEAD AT YOU KNOW SONY AND ALL THE OTHER BIG COMPANYS ARE JUST PUTTING MORE **** IN YOUR HEAD BY SAYING THIS WILL BE BETTER AND IT WILL BE CLEARER HOW MUCH BETTER DO WE HAVE TO SEE A MOVIE ??????? THIS IS CRAZY WITH BIGGER TV'S THAT COST 3,000 DOLLARS NOW MOVIES THAT COST $$$$$ WE DONT KNOW YEAT WHY DONT SONY AND MGM AND ALL THE OTHER MOVIE CO. JUST LET EVERYONE COME TO THE STUDO'S OR JUST GO TO ALL HOUSES AND SAY JUST GIVE ME ALL YOUR MONEY I STILL WATCH A 27" COLOR TV A PLAIN TV THE CIND THAT ONLY COST $179.00 IN WALLMART AND IT PLAYS VERY WELL IF I WANTED TO SEE A BETER MOVIE I WOULD GO TO THE MOVIES BUT I STOPED DOING THAT WHEN THE TICKETS WENT TO $10.00 EACH WATCH I THINK IS ALSO CRAZY WHAT IS THIS WORLD COMEING TO
Posted by dolly234 (4 comments )
Link Flag
BLUE RAY
DO NOT BUY THE BLUE RAY PRODUCT THIS WILL COST 2 TIMES A DVD WILL AND WE DO NOT KNOW WHAT SONY WILL PUT ON IT SO EVERYONE THAT CAN SEE THIS DO NOT BUY ANY SONY PRODUCTS JUST SAY NO NO NO
Posted by dolly234 (4 comments )
Link Flag
Microsoft crush Sony?
Now Microsoft is the good guy? Microsoft would have done the same stupid DRM stuff but Sony beat them to it. Vista will be chockful of DRM restrictions, believe me. And Microsoft doesn't write the most elegant code themselves, so some of it will be as clunky as Sony's rookit. Rooting for Microsoft is like rooting for the lawyers who will go after Sony. Yeah, I want it to happen, but I feel so guilty about it -- when did lawyers and Microsoft become the good guys? Sad that Sony is so much worse that we are rooting for the bad guys to take down the even badder guy.
Posted by ChazzMatt (169 comments )
Reply Link Flag
Get a life...Microsoft is the good guy here.
Get a life...Microsoft is the good guy here.
Posted by Stan Johnson (322 comments )
Link Flag
Where is justice?
I agree entirely with the comment. If a hacker had done this the whole corporate community would be out for vengeance. People like me who purchase products from companies like Sony and Microsoft should be outraged to find this illegal intrusion into our privacy. These companies should be liable for charges of forced entry, invasion of privacy, theft, break and enter, and anything else that can be applied in the law. They justify their actions as simply protecting their copyrights but in fact they show no concern whatever for the privacy and security of those who have bought their products legally. They are only concerned with how to get more money from others. If there were any justice in the world government agencies would be protecting the consumer not the corporate rip off artists.
Posted by HughT (28 comments )
Link Flag
Damn right
It's gonna be a terrible fight, but in the end the 'Soft will visciously ravage Sony's ******** until they squeel like in Deliverance. After that Sony will walk funny for a decade.

Nuff said.
Posted by RectumRider (1 comment )
Link Flag
Honestly - Who do we root for?
I don't know who to root for. When it comes to the consoles and DRM - I want Sony to get beat up a little (atleast to drop the arrogance). And when it comes to Operating Systems and DRM - I want Microsoft to get beat up a little (atleast to drop the arrogance). Don't want to start a war but - I have hope for Mac OSX and Linux. Especially since Macs will soon have Pentiums and the Power PC versus Pentium arguments can end.

Please forgive the change of subject.
Posted by Chevaliermusic (72 comments )
Link Flag
Sony's Big BooBoo
Sony's evil. Microsoft's evil. Blah.

The real story is Microsoft liability if it's operating system is compromised by another entity. I would expect this will open a new chapter in MS relationships to other large companies trying to use the Windows platform to protect their interests.

The downside of having 90% desktop share is that you're almost like a public utility -- MS needs to guarantee service levels and can't do that when rogue companies try and exploit weaknesses for their own purposes.
Posted by Betty Roper (121 comments )
Reply Link Flag
Note to self: Don't buy Sony CD's
That's stupid to do that. If those greedy ***** would have their artists make better CDs they wouldn't have this problem. Sony is the same company that has kept CD prices exceptionally high over the years. Evil, EVIL Japanese! Good job Microsoft! (Never thought I would say that!)
Posted by PCCRomeo (432 comments )
Reply Link Flag
Holding Sony Responsible
Since different governments hold code writers responsible when their code is used for worms and virus's, will they do the same thing to Sony since a trojan has been found that uses the Rootkit that Sony's products installed on computers? Or will the government use a double standard because Sony is a corporate giant?
Posted by js8425 (2 comments )
Reply Link Flag
BOYCOTT SONY
Buy NOTHING Sony.
Posted by Stan Johnson (322 comments )
Reply Link Flag
Wrong.
buy nothing riaa.
Posted by markdoiron (1138 comments )
Link Flag
BOYCOTT SONY IS RIGHT!
Punish them for this horrible idea.
Posted by kfr01 (12 comments )
Link Flag
Microsoft does something right!
I applaud Microsoft for doing something Symantect wouldn't do -- REMOVE this rootkit. When CD prices come down, I'll accept some copy protection. Last time I checked, major music artists and companies have bank accounts that have a lot more figures than mine! Suffering due to music piracy? HA!
Posted by paulq (4 comments )
Reply Link Flag
You are almost entirely right.
Microsoft is stepping up to the plate, but you have to remember that Sony is their competition, in both the game console market and the Blu-Ray/HD-DVD war. Just because Microsoft is doing the right thing, don't convince yourself that it is for the right reasons. They are not trying to be your knight in shining armor; they are trying to strike the fatal blow.

Also, artists get screwed on a regular basis buy the music industry. Artists money is made on the road, not in the record stores. If artists made the money you think they make on CD sales, don't you think J.Lo would stop making crappy movies and stick to making crappy music? The next time you see a rapper or pop diva in a movie or on TV (attemptting to be an actor), remember that Sony/BMG (and the other companies) cares less about them than they do about you.
Posted by dam7ri (67 comments )
Link Flag
Call Ripley's!
You'll probably won't see that again! Microsoft does something right! 8)
Posted by thedreaming (573 comments )
Link Flag
Lost Face
I wrote Sony an email and suggested that those who caused Sony to lose face do the honerable thing.
Posted by dawger (11 comments )
Reply Link Flag
Leo Laporte
Tech radio talk host &lt;a href="http://www.leoville.com&gt;Leo Laporte&lt;/a&gt; recommends to stop buying Sony CDs to purchase downloads instead.

Can we trust Sony again?
&lt;br&gt;&lt;br&gt;Rufus J, &lt;br&gt;SystemDisc &lt;a href="http://www.systemdisc.com"&gt;Linux CDs</a> shop.
Posted by rjenkins1 (8 comments )
Reply Link Flag
Sony should be sued for the damages
Sony/BMG should be sued big time for the damages to user PC's resulting from the viruses/trojan's after installing their(SONY/BMG) software.

As they are holding software companies responsible for the damages the same should be applied to them.
Posted by thesnl35 (1 comment )
Reply Link Flag
Will this violate the DMCA?
I thought tampering with copy protection software was illegal under the DMCA. Does this mean that MS will be breaking the law if they produce an anti-Sony crapware product?
Posted by rcrusoe (1305 comments )
Reply Link Flag
Shows how crazy the DMCA is
The fact that this is a valid question shows how ridiculous the DMCA is.
Posted by kfr01 (12 comments )
Link Flag
No violation
This does not circumvent it, it removes the entire product, uninstalling is not a violation of the DCMA ofcourse.

The downside is that it doesnt allow you to play this type of protected cd anymore after that, ofcourse, at least not on a PC.
Posted by (20 comments )
Link Flag
This is a great point.
...and another reason why the DMCA doesn't work.
Posted by Chevaliermusic (72 comments )
Link Flag
Depends...
... on who has the better lawyers. :)
Posted by VI Joker (231 comments )
Link Flag
OS vendor overwriting other vendor's SW? Optional??
I hope MS allows the user to make this determination and it's not
an automatic process. Don't get me wrong, I don't like Sony's
approach, but who told Microsoft to erase software on my
computer?!

I mean where does MS get off overwriting somebody else's software
EVEN IF MS's all knowing wisdom says it's detrimental to MY
computer!
Posted by technewsjunkie (1265 comments )
Reply Link Flag
Give it a rest...
.
Posted by Betty Roper (121 comments )
Link Flag
Get off it
Lets see, your upset that MicroSofts Antispyware... let me repeat that... ANTISPYWARE software is removing known spyware off your system? Get a clue, or better yet go buy one because you desperately need one. If you dont want MS removing software off your system, REMOVE ITS ANTISPYWARE!
Posted by ok_tanis (8 comments )
Link Flag
Huh?
That's a pretty stupid comment. What do anti-virus programa and anti-spyware programs do but remove stuff from your system if they find one. Yes, first the try to prevent it, but once the program is there they remove it. Get a clue b4 you make a comment and sound stupid.
Posted by thetruth1960 (18 comments )
Link Flag
Not safe to buy CDs
That means it's safer to get your music via filesharing than to purchase legally. Way to go, Sony.
Posted by al92lt1 (9 comments )
Reply Link Flag
I'm in!
Never buying Sony crap ever again! This is just way too much of a huge mistake Sony has made.
Posted by Bobman (114 comments )
Reply Link Flag
Oops
Meant to press Reply to Comments and not reply to story. This is supposed to be under BOYCOTT SONY. My mistake. If possible, I would like a mod to move this.
Posted by Bobman (114 comments )
Link Flag
Sony Should Delete MS Office Now!
That would teach Microsoft! ;-)

Seriously though...

After the MS fix, is the Sony music CD still going to play?

If not, will Sony offer a free replacement?

I'm curious how much more inconvenience will be dispensed as
a result of this little squable.
Posted by open-mind (1027 comments )
Reply Link Flag
What MS wants
Can anybody seriously think that MS is a good guy here who wants to free you and me from evil Sony? That is bs. What MS wants is a complete control of DRM. They want to kill all competing solutions and licence their technology to everybody else. Since they own the desktop they can easily do that. Don't expect to make any copies in an MS world. You better get used to, it will take only a few years. Buy unprotected CDs as long as you can.
Posted by norvegh (1 comment )
Reply Link Flag
True True... but
It doesn't negatet he fact that they are removing a bad software from your PC, as well any antispyware software should do.
It's a plus and a good move for MS and I applaud them for it, regardless of how it may also benefit their own nefarious agendas.
Just don't support any MS DRM either. And if Sony offers a free MS DMR remover use theirs. Jsut don't buy anything from Sony.

Use the system. Don't just whine about it.
Posted by skeptik (590 comments )
Link Flag
Sony is the good guy????
Some people can see only in black and white. What Sony did is outrageous, either they were too dumb or just didnt care about the consequences. But not as dumb as those who support Sony and call MS bad for helping remove this virus hotbed from Sonys customers who also happen to be MS customers, something Sony should have taken the lead to do, at least after it realized it folly.
Posted by FutureGuy (742 comments )
Link Flag
Good question - What about the lame DMCA?
That our Congress was paid off to act into law. Isn't Microsoft breaking that law? Hey I'm all for Microsoft here, as Sony s-u-c-k-s big time!
Posted by bobby_brady (765 comments )
Reply Link Flag
Windows reliability and stability compromised
Microsoft is not removing XCP DRM software -- Microsoft plans to remove only the "rootkit component of the XCP software" that hides the XCP software.

As I understand, here's what remains: 1) a driver filter that loads in front of the certified CD driver, 2) software that limits number of copies and copy format, 3) software that scans all applications running on the affected computer every two seconds, and 4) a "phone home" component that contacts a Sony server each time a "protected" CD is played.

Unhiding the Sony XCP software removes the security breach caused by the rootkit component, but it also increases the possibility that naive users will disable their CD drives by removing the XCP driver component.

* The driver component of XCP compromises the reliability and stability of the Windows OS with uncertified driver software.

* The copy and format restrictions may or may not work when the rootkit component is removed. Sony released a 350K update that "fixes" that problem.

* The undocumented scanning and "phone home" components are, at least, a privacy intrusion. Does the scanning component affect performance for critical tasks... what happens when other copyright owners install similar scanning components (in fact, certain commercial procucts do scan for duplicate copies of licenced software)... ?
Posted by Mark Donovan (29 comments )
Reply Link Flag
MS AND Sony to blame...
The blame rests on Sony AND Microsoft. Sony for making this DRM-infection, and Microsoft for making everyone an Administrator by default. As I understand it, this DRM-infection can't take hold if not logged in as a member of the Administrators security group (someone correct me with a link if I'm wrong, for clarity's sake - thanks). Allowing the "Administrator" account to not have a password isn't too smart either.
Posted by BlueScreenOfDeath (2 comments )
Reply Link Flag
Shouldn't the opinion be less in-different?
I am that the opinion/comment made are not appropriate. It is like blaming the house owner for a thief killing someone visiting the house. Sony's attitude is to be blamed. I am not to defend Microsoft, but it seems that these days, so many people pick at Microsoft for no direct reasoning! Thanks.
Posted by WSY0726 (21 comments )
Link Flag
MS to blame for Admin setup?
So, because you didn't create a user account that wasn't an admin, and because you didn't set up a password for your admin user that is MS's fault?

Oh, btw, you are asked for a password when setting up windows, especially if its a clean install. So the only one to put blame on for that...is you...

just my 2 cents.
Posted by (7 comments )
Link Flag
boycott sony, BMG, Columbia, Legagy, Epic, et al
Don't jusy boycott sony, boycott all their subsidiaries. Boycott Sony, BMG, Columbia, Legacy, Epic and probably others. Is RCA a Sony subsidiary?
Posted by llaitner (8 comments )
Reply Link Flag
Boycott Sony BMG & RIAA
I think that people should stop buying all movies all music until Sony BMG AKA RIAA stop suing Single Mothers, Grandparents and College Students. They say they are going after them due to pirating for resale. Excuse me? When did they plan on reselling? None have. Yet they cannot seem to catch the smart ones. They are copying and selling music and movies worldwide. Why can't they? They are lazy arses. People are having yardsales, going to fleamarkets and other venues to sell pirated music. Big difference compared to the occasionaly child who downloads a song or a movie. They need to focus on the real pirates and leave the other's alone. Meanwhile we should all STOP BUYING ALL MUSIC AND MOVIES.
Posted by ChimiCelena (5 comments )
Link Flag
Wait...
You are talking about this issue as if all Sony did wrong was using DRM. Doing DRM is not what's at stake here. DRM might be considered good, bad or evil. But it's not illegal (ant least not in the US right now) and not everybody agrees it's wrong.
Installing a rootkit without user's consent is. That's what makes Sony "evil" here. Did Microsoft install a Rootkit? No. Would they? So far, they haven't and there is no indication that they will. Microsoft has done what they should here, and you use this as an opportunity to bash them because "they would have done it if Sony didn't beat them"???? Sheees.
Posted by Hernys (744 comments )
Reply Link Flag
Blame microsoft for making you a computer literate oo
Iraq, Palestine, Israel, sisters running away, international relations blame every thing on Microsoft...
Posted by czarousa (2 comments )
Reply Link Flag
Sony cd problem overlaps onto the DVD format!!!!!!
I think i've discovered a new wrinkle in the SONY screwup with the rootkit. I used to be able to save movies to my HD on my laptop so i could play them on a trip. Now i've got a problem when i try to do save a movie that has a SONY logo on it i get an error message!. I have no problem doing this with other DVD's. Has anyone noticed this problem yet????? It's becoming a real pain.
When i downloaded a Sony move a couple of weeks ago the screen flickered a few times, but i thought it was my monitor. Now i think it was a buried program running off the new movie disc.
Someone with a bit more experience then myself should look into this problem. Maybe we can get Sony on this too. If they are loading a new backdoor rootkit on their DVD's too, then we need to give them hell for that.
Posted by DethLord (1 comment )
Reply Link Flag
Just say NO to Sony. We're not criminals.
The best thing to do against Sony's abuse is to boycott all their products, it doesn't matter whether they're from Sony Electronics or Sony Music.
We can not be treated like criminals.
Also, who will believe in any word provided by Sony? The company claims it will stop "for while" the DRM process. Wow, that's great. It looks Sony is doing a favour to us. That seems ironic to me.
Acting like that Sony is out of the condition of piracy's victim and enters in the world of the hackers.
What a shame!
Posted by betolima64 (5 comments )
Reply Link Flag
 

Join the conversation

Add your comment

The posting of advertisements, profanity, or personal attacks is prohibited. Click here to review our Terms of Use.

What's Hot

Discussions

Shared

RSS Feeds

Add headlines from CNET News to your homepage or feedreader.