Feeds

Stop! Don't install Easy CD Creator 5 til you read this story

Latest version can wipe out Win2K machines

  • alert
  • submit to reddit

3 Big data security analytics techniques

The latest version of the popular CD recording software Easy CD Creator, version 5, is killing Windows 2000 machines stone dead so hold off until you have read all the guidance.

The developer of the software, Roxio, has put up a security notice on its site saying that a "small percentage" of people using the Windows 2000 OS have experienced some problems with its leading product.

The advice disingenuously says there are two problems connected with a full install of the software. One, "a blue screen error" aka the blue screen of death and two, the computer takes an extremely long time to boot. That sounds bad enough but we have it on good authority that the software is even more malignant than that.

"This is the first piece of software I have ever found which is capable of comprehensively trashing a working PC," one reader has told us. "I spent six hours last night trying and failing to recover this machine and will have to spend similar amount tomorrow rebuilding it." Usenet contains many similar tales.

"I have never seen anything kill a PC like this since the bad old days of 3.1," said one.

The problem appears to lie with the Take Two module of the software - the part that enables you to recover data from crashed hard disks. It would seem the module has turned to the dark side and used its powers for evil rather than good.

Roxio's suggestion is that people select Custom Install when loading the software and deselect the Take Two. This only goes to show that Take Two is an integral part of the Easy CD package. How many machines may be corrupted by the software before people become aware of the problem doesn't bear thinking about.

The question is: how could a bug of this enormity have escaped attention and be released on the market? And what does Roxio plan to do about it? AOL is currently facing a heavy lawsuit for changing users' settings without their permission. This software - installed as intended - is having a far worse effect than that and appears to be conflicting with the OS itself rather than other software on the computer that Roxio could not be aware of.

On 12 April this year, parent company Adaptec said it was going to spin-off Roxio. It said it distribute shares in Roxio to Adaptec shareholders through a special stock dividend. This dividend is due to be paid in a week's time - just one month after the announcement - and will mark the split between Roxio and Adaptec. Roxio is then expected to start trading on Nasdaq on 14 May.

Plans for a float of Roxio were scrapped at the start of January and this news was followed two weeks later by a poor set of Q3 results for Adaptec, which saw its share price fall 3 per cent.

And so the stark question is: was Easy CD 5 rushed out before the official split, without proper testing and hence complete with PC-destroying bugs? It seems all too probable. And what does it intend to do about the problem? Can we expect a recall? We are waiting for the company to get back to us on these questions.

Easy CD Creator is Roxio's leading product and enables users to burn anything onto a CD like music, photos and videos. It lets people build a CD of MP3s for example or a slideshow of pictures or video presentations. The company also does a Mac version of the software called Toast. ®

Related Link
Roxio's security notice

SANS - Survey on application security programs

More from The Register

next story
OpenBSD founder wants to bin buggy OpenSSL library, launches fork
One Heartbleed vuln was too many for Theo de Raadt
Got Windows 8.1 Update yet? Get ready for YET ANOTHER ONE – rumor
Leaker claims big release due this fall as Microsoft herds us into the CLOUD
This time it's 'Personal': new Office 365 sub covers just two devices
Redmond also brings Office into Google's back yard
Ubuntu 14.04 LTS: Great changes, but sssh don't mention the...
Why HELLO Amazon! You weren't here last time
Patch iOS, OS X now: PDFs, JPEGs, URLs, web pages can pwn your kit
Plus: iThings and desktops at risk of NEW SSL attack flaw
Next Windows obsolescence panic is 450 days from … NOW!
The clock is ticking louder for Windows Server 2003 R2 users
Batten down the hatches, Ubuntu 14.04 LTS due in TWO DAYS
Admins dab straining server brows in advance of Trusty Tahr's long-term support landing
Red Hat to ship RHEL 7 release candidate with a taste of container tech
Grab 'near-final' version of next Enterprise Linux next week
Apple inaugurates free OS X beta program for world+dog
Prerelease software now open to anyone, not just developers – as long as you keep quiet
prev story

Whitepapers

Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Mainstay ROI - Does application security pay?
In this whitepaper learn how you and your enterprise might benefit from better software security.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.