Microsoft will wipe Sony's 'rootkit'

Microsoft will update its security tools to detect and remove part of the copy protection tools installed on PCs when some music CDs are played.

The Redmond, Wash., software maker has determined that the "rootkit" piece of the XCP software on some Sony BMG Music Entertainment CDs can pose a security risk to Windows PCs, according to a posting Saturday to a Microsoft corporate Web log.

The Sony BMG software installs itself deeply inside a hard drive when a CD is played on a PC. The technology uses rootkit techniques to hide itself. Experts blasted the cloaking mechanism, saying it could be abused by virus writers. The first remote-control Trojan horses that take advantage of the veil provided by Sony BMG have surfaced.

To protect Windows users, Microsoft plans to update Windows AntiSpyware and the Malicious Software Removal Tool as well as the online scanner on Windows Live Safety Center to detect and remove the Sony BMG software, the software maker said in its blog.

Reader response
What should Sony do?

Debate how the debacle will
affect the label's policies.

Windows AntiSpyware is Microsoft's spyware-fighting software that is currently available as a test version and used by millions of people worldwide. Microsoft provides weekly updates for Windows AntiSpyware. The Windows Malicious Software Removal Tool is updated monthly and is part of Microsoft's monthly patch releases.

Detection and removal of the rootkit component will also be in Windows Defender, the forthcoming update to Windows AntiSpyware that will also be part of Windows XP successor Windows Vista, Microsoft said.

In its move to detect and remove the Sony BMG rootkit, Microsoft follows other makers of security software. Symantec and Computer Associates are among those that are offering, at minimum, rootkit detection capabilities in their products. Sony BMG itself has provided a patch that fixes the security problem and still allows CDs to be played on PCs.

On Friday, Sony said it had halted production of CDs with the controversial technology, which is designed to limit the number of copies that can be made of the CD and to prevent a computer user from making unprotected MP3s of the music. Sony does still produce CDs that use a different copy protection scheme.

[heystoopid]

Goodbye Sony

Let us hope , now that M$ has moved to protect it's core operating system, from SONY's unwanted cloaked clunky junk DRM illegal invasionware, which causes BSoD! Let us hope that M$ sends in the legal suits to toast SONY & F4i, for billions on another front, now that would be a fine sight to behold! In the interim, I hope future sales of the new XBOX 360, totally crushes PS3, from the consumer backlash against SONY!

[SqlserverCode]

Will you buy Blu-Ray?

Will you trust the Blu-Ray discs, who knows what kind of rootkit will be on those discs? This is a big fiasco for Sony at the worst possible time. Something tells me that those Blu-Ray discs will have a hard time playing on windows PC's when they come out. Now MS can say they are protecting the OS and basically shutting Sony out.

http://sqlservercode.blogspot.com/

[ChazzMatt]

Microsoft crush Sony?

Now Microsoft is the good guy? Microsoft would have done the same stupid DRM stuff but Sony beat them to it. Vista will be chockful of DRM restrictions, believe me. And Microsoft doesn't write the most elegant code themselves, so some of it will be as clunky as Sony's rookit. Rooting for Microsoft is like rooting for the lawyers who will go after Sony. Yeah, I want it to happen, but I feel so guilty about it -- when did lawyers and Microsoft become the good guys? Sad that Sony is so much worse that we are rooting for the bad guys to take down the even badder guy.

[Betty Roper]

Sony's Big BooBoo

Sony's evil. Microsoft's evil. Blah.

The real story is Microsoft liability if it's operating system is compromised by another entity. I would expect this will open a new chapter in MS relationships to other large companies trying to use the Windows platform to protect their interests.

The downside of having 90% desktop share is that you're almost like a public utility -- MS needs to guarantee service levels and can't do that when rogue companies try and exploit weaknesses for their own purposes.

[PCCRomeo]

Note to self: Don't buy Sony CD's

That's stupid to do that. If those greedy ***** would have their artists make better CDs they wouldn't have this problem. Sony is the same company that has kept CD prices exceptionally high over the years. Evil, EVIL Japanese! Good job Microsoft! (Never thought I would say that!)

[js8425]

Holding Sony Responsible

Since different governments hold code writers responsible when their code is used for worms and virus's, will they do the same thing to Sony since a trojan has been found that uses the Rootkit that Sony's products installed on computers? Or will the government use a double standard because Sony is a corporate giant?

[Stan Johnson]

BOYCOTT SONY

Buy NOTHING Sony.

[paulq]

Microsoft does something right!

I applaud Microsoft for doing something Symantect wouldn't do -- REMOVE this rootkit. When CD prices come down, I'll accept some copy protection. Last time I checked, major music artists and companies have bank accounts that have a lot more figures than mine! Suffering due to music piracy? HA!

[dawger]

Lost Face

I wrote Sony an email and suggested that those who caused Sony to lose face do the honerable thing.

[rjenkins1]

Leo Laporte

Tech radio talk host <a href="http://www.leoville.com>Leo Laporte</a> recommends to stop buying Sony CDs to purchase downloads instead.

Can we trust Sony again?
<br><br>Rufus J, <br>SystemDisc <a href="http://www.systemdisc.com">Linux CDs shop.

Sony should be sued for the damages

Sony/BMG should be sued big time for the damages to user PC's resulting from the viruses/trojan's after installing their(SONY/BMG) software.

As they are holding software companies responsible for the damages the same should be applied to them.

[rcrusoe]

Will this violate the DMCA?

I thought tampering with copy protection software was illegal under the DMCA. Does this mean that MS will be breaking the law if they produce an anti-Sony crapware product?

[technewsjunkie]

OS vendor overwriting other vendor's SW? Optional??

I hope MS allows the user to make this determination and it's not
an automatic process. Don't get me wrong, I don't like Sony's
approach, but who told Microsoft to erase software on my
computer?!

I mean where does MS get off overwriting somebody else's software
EVEN IF MS's all knowing wisdom says it's detrimental to MY
computer!

[al92lt1]

Not safe to buy CDs

That means it's safer to get your music via filesharing than to purchase legally. Way to go, Sony.

[Bobman]

I'm in!

Never buying Sony crap ever again! This is just way too much of a huge mistake Sony has made.

[open-mind]

Sony Should Delete MS Office Now!

That would teach Microsoft!

Seriously though...

After the MS fix, is the Sony music CD still going to play?

If not, will Sony offer a free replacement?

I'm curious how much more inconvenience will be dispensed as
a result of this little squable.

[norvegh]

What MS wants

Can anybody seriously think that MS is a good guy here who wants to free you and me from evil Sony? That is bs. What MS wants is a complete control of DRM. They want to kill all competing solutions and licence their technology to everybody else. Since they own the desktop they can easily do that. Don't expect to make any copies in an MS world. You better get used to, it will take only a few years. Buy unprotected CDs as long as you can.

[bobby_brady]

Good question - What about the lame DMCA?

That our Congress was paid off to act into law. Isn't Microsoft breaking that law? Hey I'm all for Microsoft here, as Sony s-u-c-k-s big time!

[Mark Donovan]

Windows reliability and stability compromised

Microsoft is not removing XCP DRM software -- Microsoft plans to remove only the "rootkit component of the XCP software" that hides the XCP software.

As I understand, here's what remains: 1) a driver filter that loads in front of the certified CD driver, 2) software that limits number of copies and copy format, 3) software that scans all applications running on the affected computer every two seconds, and 4) a "phone home" component that contacts a Sony server each time a "protected" CD is played.

Unhiding the Sony XCP software removes the security breach caused by the rootkit component, but it also increases the possibility that naive users will disable their CD drives by removing the XCP driver component.

* The driver component of XCP compromises the reliability and stability of the Windows OS with uncertified driver software.

* The copy and format restrictions may or may not work when the rootkit component is removed. Sony released a 350K update that "fixes" that problem.

* The undocumented scanning and "phone home" components are, at least, a privacy intrusion. Does the scanning component affect performance for critical tasks... what happens when other copyright owners install similar scanning components (in fact, certain commercial procucts do scan for duplicate copies of licenced software)... ?

[BlueScreenOfDeath]

MS AND Sony to blame...

The blame rests on Sony AND Microsoft. Sony for making this DRM-infection, and Microsoft for making everyone an Administrator by default. As I understand it, this DRM-infection can't take hold if not logged in as a member of the Administrators security group (someone correct me with a link if I'm wrong, for clarity's sake - thanks). Allowing the "Administrator" account to not have a password isn't too smart either.