Windows Users Getting Bitten by Macrovision Zero Day

Microsoft is working with Macrovision to investigate a flaw in a driver on Windows Server 2003 and Windows XP that is being exploited in the wild, according to a Microsoft special security advisory released after business hours on Nov. 5. The danger is complete system takeover. The vulnerability is in the Macrovision secdrv.sys driver on supported editions of Windows Server 2003 and Windows XP. The affected product is Macrovision SafeDisc, a copy-protection application written for Windows.

Microsoft said in security advisory 944653 that Vista is immune. FrSIRT reported on Oct. 19 that the trouble is a memory corruption error in the Macrovision Security Driver when processing user-supplied data. The vulnerability can be used by local attackers to gain so-called Ring 0 privileges and take complete control of an affected system.

View: the full story @ eWeek

9 Comments

I'm not going to take sides, both operating systems have problems. Wasn't Vista attacked by a 13 year old virus??

S7un7 said,
I'm not going to take sides, both operating systems have problems. Wasn't Vista attacked by a 13 year old virus??

You mean the boot sector virus? That virus is OS independent - it kicks in before the OS starts. There is no way to protect an OS from that. I'm going to go out on a limb here, but I have a hunch that the next version of Windows will be vulnerable to that virus as well.

S7un7 said,
I'm not going to take sides, both operating systems have problems. Wasn't Vista attacked by a 13 year old virus??

It's been said above why that is a stupid example.

In addition, most viruses are just executable code. It's not the job of the OS to prevent them.

Exploits, on the other hand, are a serious issue, and it IS the job of the OS to prevent them.

So, the only trouble is:
a) to send an executable inside an email and the victims must run it.
b) An unprivileged user can take possession of a computer without the consent of the admin, for example a university computer.
