Slashdot Mirror


AntiPiracy Macrovision Bug is Actually Six Years Old

twitter writes "A recently reported Macrovision bug has actually been around for six years, according to Computerworld. 'Flawed antipiracy software now being exploited by attackers has been bundled with Windows for the last six years to protect game publishers, Macrovision Corp. said today. The "secdrv.sys" driver has shipped with all versions of Windows XP, Windows Server 2003 and Windows Vista ... users do not have to play a SafeDisc-protected game to be vulnerable.' The article goes on to play down danger and claim that Vista is safe, but ZDNet notes: 'Malware authors are actively exploiting a zero-day privilege escalation vulnerability ... [which] can be exploited overwrite arbitrary kernel memory and execute arbitrary code with SYSTEM privileges. This facilitates the complete compromise of affected computers.'"

1 of 177 comments (clear)

  1. Re:ZOMG SIX YEARS?!? by Anonymous Coward · · Score: -1, Flamebait

    You trolling fool. A display bug that a tiny percentage of people will ever run across (and is easily worked around) has absolutely ZERO relevance to a privilege escalation bug.

    This is much more like the "if (uid=0) { dosomething; }" line that some idiot tried to toss into the Linux kernel. The difference is that thanks to Windows being a closed-source POS, they got AWAY with it for SIX YEARS. How's that closed source taste, jalekfowit? You enjoy being hacked at a moment's notice?