Macrovision update plugs zero-day DRM exploit
The one that got away
Macrovision has published a patch defending against a security vulnerability in its SafeDisc copy protection software that has become the target of a hacker attack.
The Macrovision update comes 20 days after the security vulnerability was discussed in non-specific terms on Symantec's Security Response Weblog. The flaw, though Symantec wasn't specific on this, involves a privilege elevation bug in Macrovision secdrv.sys driver that comes bundled with Windows XP and 2003 (though not Windows Vista).
Although the bug is relatively mild (a glass of beer, perhaps, compared to the Pan Galactic Gargle Blaster effects of the likes of other Windows flaws), it still captured the imagination of hackers, probably because it involved DRM software. Exploit code leaked onto the net leading to "limited attacks" since, Microsoft said on Monday.
The publication of a security advisory by Microsoft coincided with the release of an update from Macrovision. Windows XP and Windows Server 2003 users are advised to apply the Macrovision update, which is due to be rolled out automatically as part of the next Patch Tuesday update on 13 November. ®
Priv Elevation "Relatively Mild?!" Compared to what?
I suppose since everyone runs their machines with full Administrator access anyways, that a privilege elevation bug is much lower on the priority list than a bug in some user-level app that the ignorant user's running under said-full-Admin access.
By comparison, I treat privilege elevation bugs as VERY high priority. Well, because no one I consult for runs with full admin BECAUSE of all of the so-called "high priority" bugs out there... and yes, that includes myself.
And Vista isn't vulnerable... guess that's as good a reason as any to upgrade!
Sod the DRM Angle...
More Hitchhiker analogies in stories, please.