Sony DRM Woes Continue
Opinion: The MediaMax DRM didn't get as much attention as the other XCP DRM used by Sony, but it turns out it has a problem with Windows.While I have had my fill of Sony DRM and all the screaming that has gone on around it (though it still gives me a chuckle when I see a breathless story in some second-tier MSM newspaper about "Copy Protection on Sony CDs" that is both outdated and inaccurate) there was actually a new wrinkle going on in the last week. Remember the MediaMax DRM that didnt get as much attention as the other XCP DRM used by Sony during the first wave of screaming and yelling? Well, it seems SunnComms little child has a problem when dealing with Windows. There are insecure default directory ACLs being set on the "SunnComm Shared" directory, which allow any local user full and total access to the directory. "So what?" you ask. Well, non-administrative users can modify the installed files in the directory because of this. If they are of a mind to do so, these users can potentially gain escalated privileges by (for example) replacing the MMX.exe program with a malicious (and privilege-escalating) program. The MMX.exe program will be automatically executed when another user inserts a MediaMax protected CD.
Changing the directory ACL manually is reportedly non-effective. The reason is that the insecure permissions will be restored the next time a MediaMax-protected CD is played.