10 Year old design flaw in Windows Media Player still abused for malware distribution

vbimport

#1

We’ve just posted the following news: 10 Year old design flaw in Windows Media Player still abused for malware distribution[newsimage]http://www.myce.com/wp-content/images_posts/2016/09/myce-windows-media-player-drm-warning-95x75.jpg[/newsimage]

A flaw in the design of the Windows Media Player DRM implementation is abused by cybercriminals to distribute malware. The method exists for more than 10 years, the first time abuse of the flaw was discovered was in 2005.

            Read the full article here: [http://www.myce.com/news/10-year-old-design-flaw-windows-media-player-still-abused-malware-distribution-80386/](http://www.myce.com/news/10-year-old-design-flaw-windows-media-player-still-abused-malware-distribution-80386/)

            Please note that the reactions from the complete site will be synched below.

#2

Not at all surprised, considering at how long it took to fix that print spooler vulnerability. :rolleyes:


#3

I’m sure Microsoft would happily claim that “changing our DRM software might introduce new weaknesses that allow users to ‘steal’ content. Then the sky will fall.” After all, Microsoft cares more about money than the users’ security. It has taken them till just a few years ago (or maybe it was earlier this year, I can’t remember) to disable SecuRom, another video game-oriented form of DRM that was baked into Windows against the wishes of many users.

If the vulnerability hasn’t been fixed yet, chances are it’s not ever going to be fixed. Hopefully, Microsoft will cease Windows Media Player’s DRM for good, since that’s the only way I can see users being protected from this kind of abuse.