Sony Uninstaller Worse Than Rootkit
Tuesday November 15, 2005
Plan on using Sony's uninstaller to remove their rootkit? You might want to
think again. A Finnish researcher has discovered a serious flaw in the
ActiveX control used to initiate the download. It seems the control remains
on the system even after the download and installation. It's signed and
quite happy to download and run anything directed at it, without verifying
the authenticity.
According to J. Alex Halderman and Ed Felten who researched the discovery, "The consequences of the flaw are severe. It allows any web page you visit to download, install, and run any code it likes on your computer. Any web page can seize control of your computer; then it can do anything it likes. That’s about as serious as a security flaw can get."
Also see:
According to J. Alex Halderman and Ed Felten who researched the discovery, "The consequences of the flaw are severe. It allows any web page you visit to download, install, and run any code it likes on your computer. Any web page can seize control of your computer; then it can do anything it likes. That’s about as serious as a security flaw can get."
Also see:
No comments yet. Leave a Comment