Original URL: http://www.theregister.co.uk/2007/11/06/macrovision_drm_update/

Macrovision update plugs zero-day DRM exploit

The one that got away

By John Leyden

Posted in Security, 6th November 2007 12:55 GMT

Macrovision has published a patch defending against a security vulnerability in its SafeDisc copy protection software that has become the target of a hacker attack.

The Macrovision update comes 20 days after the security vulnerability was discussed in non-specific terms on Symantec's Security Response Weblog. The flaw, though Symantec wasn't specific on this, involves a privilege elevation bug in Macrovision secdrv.sys driver that comes bundled with Windows XP and 2003 (though not Windows Vista).

Although the bug is relatively mild (a glass of beer, perhaps, compared to the Pan Galactic Gargle Blaster effects of the likes of other Windows flaws), it still captured the imagination of hackers, probably because it involved DRM software. Exploit code leaked onto the net leading to "limited attacks" since, Microsoft said on Monday.

The publication of a security advisory by Microsoft coincided with the release of an update from Macrovision. Windows XP and Windows Server 2003 users are advised to apply the Macrovision update, which is due to be rolled out automatically as part of the next Patch Tuesday update on 13 November. ®