Windows Media Player DRM rights problem > Forums

Unanswered

Active Topics

Forums

Forums > Viruswarning Forum > Viruswarning archive

Subject: Windows Media Player DRM rights problem

Email me when someone replies to this thread.

You are not authorized to post a reply.

Author

Messages

Lee Drake
Posts:238

02/08/2005 8:24 PM
What Is It? The latest versions of Microsoft Windows Media Player (versions 9 and 10) includes a capability to automatically acquire DRM licenses that let you play copy protected music, video, and other media. By using any of a variety of technical methods, possibly aided by some social engineering, a hacker can use this mechanism to run any code of his choosing on your computer, and do anything to it that you can. This could include one or more of the following. Install spyware on your computer to monitor your activities or steal your passwords. Install adware on your computer to deliver unwanted pop-up advertising. Install a "back door" program that would enable the hacker to subsequently use your computer as a "zombie" to send spam, spread viruses, or launch attacks against targeted sites or the Internet itself. Alter or destroy programs or data on your computer, possibly rendering it unusable. What Should I Do? Be vary wary of prompts for DRM licenses from any but well known companies such as Microsoft, a record label, or a movie studio, or a company with whom you regularly do business. Carefully check the address bar of the Web browser window that opens before you proceed. If the URL starts out something like http://66.123.155.101/SomePage.html, or you do not recognize the domain, stop at once and scan your computer for viruses, spy programs, and adware. Digital Rights Management (DRM) licenses are essentially software. As such, we believe they should be approved on a case by case basis. This means that your media player should be configured to prompt you for permission each time the file you are about to play requires a license. The first time each user of a machine runs Windows Media Player 9 or 10, a wizard takes you through the process of configuring the player. By default, the wizard sets the player to automatically acquire DRM licenses as required. If you are upgrading, we recommend that you clear this check box when the wizard runs. If you have already upgraded, do the following to disable automatic license acquisition. Open Windows Media Player from your Start Menu, desktop, or task bar. Click the button with the tool tip that says "Select Now Playing Options." This is a tiny green button in the upper left corner of the display, just beneath the button that reads "Now Playing." Choose "Visualizations" from the small menu that displays. Choose "Options" from the Visualizations menu. Click on the Privacy tab. The third check box is labeled "Acquire licenses automatically for protected content." Clear this check box. Click the "Apply" button at the bottom of the dialog box. Click the "Ok" button to close the dialog box. You may close the player. Note: If several people use the computer and user profiles are enabled, this operation must be repeated for each user, as the settings are stored on a per user basis. I have confirmed this by testing on one of the Windows XP machines in my office. If you run Windows XP. Windows 2000, or Windows NT, user profiles are always enabled. If you run Windows 9x, user profiles are enabled if you must log into Windows in order to use the machine. Lee Drake and I briefly discussed the impact of this issue when it first came to my attention about a month ago. As Lee says, the way DRM license acquisition is supposed to work is that your Web browser opens onto a Web site where you complete a form to acquire the license. As the last reference cited below reminds us, good social engineering makes it very difficult for most users to tell the difference between a legitimate DRM license page and a hacker page. Unfortunately, depending on your browser security settings, the damage may have already been done. The bottom line is that, unfortunately, you must treat media files with the same caution that you do most other attachments. References Following are a couple of pertinent references. "Hackers Tune In to Windows Media Player" at http://www.eweek.com/article2/0%2C1759%2C1749948%2C00.asp is the first of several articles that I saw about this issue. "Microsoft to Boost Media Player Security" at http://www.pcworld.com/news/article/0,aid,119362,00.asp reports that a fix from Microsoft is in the works, but the article is unclear about how they intend to fix the problem. "Microsoft Reverses Plan, Will Patch Media Player" at http://www.osnn.net/comments.php?shownews=11699 reports that Microsoft has reversed course and will release a patch that alters the default behavior of Windows Media Player. "How to Turn Off the Processing of HTML Scripts That Are Contained in Windows Media Files," at http://support.microsoft.com/default.aspx?kbid=320944 explains how to change the Media Player settings using Registry import files. This is an advanced article; seek professional advice unless you are well acquainted with editing the Registry. Finally, "Re: Microsoft refuses to fix DRM Exploit!, at http://www.dslreports.com/forum/remark,12382334~mode=full is a forum thread that contains a lively discussion of the risks associated with acquiring DRM licenses. This concludes this VirusWarn notice. David Gray P6 Consulting V: +1 (817) 896-1114 F: +1 (817) 294-1830 TZ: USA Central, GMT -6 E: mailto:dagray@p6c.com W: http://www.p6c.com 6913 Wilton Drive Fort Worth, TX 76133-6130 USA You are more important than any technology we may employ.

You are not authorized to post a reply.

Forums > Viruswarning Forum > Viruswarning archive > Windows Media Player DRM rights problem

ActiveForums 3.6