Now Available:

Featured Resource:

line

Realtime Communities

line

Newsletter

Email Address:


line

Monthly Archives

line

RSS

line

Ask the Expert

Have a question for our resident expert? Email your questions to Greg.

« Steve Lamb Releases 5-Part Series on Securing a Wireless Network | Main | BREAKING: Windows Server 2008 RTM Delayed »

Another Sony Device with On-Board Rootkit

Today's Holy Crap, What Were They Thinking award goes to Sony, who after running their own name through the dirt two years ago for including Rootkit-type technology on CD's as a DRM mechanism, have been caught red-handed for the second time. Another Rootkit? Come on Sony, haven't you learned you lesson yet?

According to Ryan Naraine's column on ZDnet...

The Sony MicroVault USM-F fingerprint reader software that comes with the USB stick installs a driver that is hiding a directory under “c:\windows\”. So, when enumerating files and subdirectories in the Windows directory, the directory and files inside it are not visible through Windows API. If you know the name of the directory, it is e.g. possible to enter the hidden directory using Command Prompt and it is possible to create new hidden files. There are also ways to run files from this directory. Files in this directory are also hidden from some antivirus scanners (as with the Sony BMG DRM case) — depending on the techniques employed by the antivirus software. It is therefore technically possible for malware to use the hidden directory as a hiding place.

You really do want to read this whole article......
http://blogs.zdnet.com/security/?p=475&tag=nl.e539

Tags:    
 Email This!  Digg it!  Sphere it!  Del.icio.us  Reddit!  Newsvine

Posted by Greg Shields on August 30, 2007 12:30 AM |

TrackBack

TrackBack URL for this entry:
http://www.realtime-windowsserver.com/type/mt-tb.cgi/371

Post a comment

(All comments are approved by site leader before appearing here. Thanks for commenting!)

Search

line

Most Active Posts

line

Library Resources

line
line

Recent Posts

line

Categories

line

Greg Shields' Bio:

Greg Shields, is an independent author, instructor, and IT consultant based in Denver, Colorado, and a co-founder of Concentrated Technology. With nearly 15 years of experience in information technology, Greg has developed extensive experience in systems administration, engineering, and architecture specializing in Microsoft systems management, remote application, and virtualization technologies. Greg is a Contributing Editor for Redmond Magazine, MCPmag.com, and Virtualization Review Magazine and is the author of five books, including Windows Server 2008:  What’s New / What’s Changed. Greg is also a highly sought-after instructor and speaker, speaking regularly at conferences like TechMentor Events, and producing computer-based training curriculum for CBT Nuggets.  Greg is a recipient of Microsoft "Most Valuable Professional" award with a specialization in Windows Terminal Services.