Slashdot Mirror
Crackers Tune In to Windows Media Player
jamshedji writes "Crackers are using the newest DRM technology in Microsoft's Windows Media Player to install spyware, adware, dialers and computer viruses on unsuspecting PC users."
← Back to Stories (view on slashdot.org)
Use the excellent - and free - VLC media player
No, in this case WMP asked to go download and install the codec needed to play the video file.
When the user clicks yes, then their system becomes infected.
So if you don't trust the video source, or set WMP to not download codec you will be safe
You can turn the "feature" off. The spyware is installed when the player claims it needs a license. The settings for this are on the privacy tab.
Oderint dum metuant
If you RTFA, you'd understand that Windows Media Player attemps to connect to the Internet when a file is played that it doesn't have a valid license for.
In theory, if you download an MP3 with DRM enabled, Windows Media Player will search your computer for the license. If it doesn't find it, it will go to the URL specified in the MP3. This is part of the DRM spec.
"Hackers" are just taking advantage of this, creating fake MP3s/MOVs and making those URLs go to junk-infested sites.
In WMP's defense, it *does* ask you first if you want to go out and hit the site for the DRM license. And once you get there, if you're running SP2 then security is no different than any other mailious website you may visit.
SP2 should block the popups, and give you a much more informative warning if the site tries to push software onto your computer.
-David
Windows media player like it should be. Low resource usage, plays dvds and any file you have the codecs for installed, without any network access at all. (Unless you're playing a stream or course)
I am trolling
Actually, it has nothing to do with codecs. It has to do with acquiring a license to play a video file. And you can turn this off if you'd like in WMP. The problem is that most folks have it set to automatically acquire licenses by default.
Your mind looks a little cramped. Why don't you stretch it a little?
This should not be modded insightful. What garcia didn't process is that WMP will open the default browser to process the DRM license. If Firefox is your default browser it will be opened and presumably the webpage will not be able to use IE exploits to install malware. This of course is due to the fact that the issue is with security holes in IE and not WMP. The issue with WMP is that it is accessing IE.
It seems that 99% of slashdotters didn't understand the article. The article author also has no idea about the subject. Even the "research note" is not perfectly clear.
This is not a security breach in Windows Media Player.
Here is what happens. A wma/wmv DRM protected file needs a license to be played. When WMP plays a file that does not have a license it will open a dialog with a web browser control inside and navigate to the "license store url" that was written inside the file. This feature is called "superdistribution" and it is present in other DRM enabled players as well.
That is all that Windows Media Player does. At most WMP can be acused of not displaying more information about why the dialog was opened. If even the slashdot crowd has problems understanding this, imagine the rest of the computer users.
Once the IE opens the web page it is no different than going to that url yourself in IE.