Comments on: Sony Caves on RootKit, Pulls CDs, Offers Exchange Program http://www.theinternetpatrol.com/sony-caves-on-rootkit-pulls-cds-offers-exchange-program Internet Safety, Windows Updates, Internet News, and More Sun, 07 Sep 2008 23:36:51 +0000 http://wordpress.org/?v=2.5 By: martinelli http://www.theinternetpatrol.com/sony-caves-on-rootkit-pulls-cds-offers-exchange-program#comment-2885 martinelli Wed, 16 Nov 2005 15:34:18 +0000 /?p=1185#comment-2885 If you've used the BMG uninstaller, be aware that it leaves around an ActiveX control that needs to be deleted so you don't leave a wide open exploitable security hole on your system. The ActiveX control is signed and able to install programs without user interaction, so expect it to be exploited in the near future. http://blogs.washingtonpost.com/securityfix/2005/11/sony_uninstall_.html Manual uninstall directions: http://www.freedom-to-tinker.com/?p=927 If you’re vulnerable, you can protect yourself by deleting the CodeSupport component from your machine. From the Start menu, choose Run. In the box that pops up, type (on a single line) cmd /k del “%windir%\downloaded program files\codesupport.*â€? This is not an ideal solution – depending on your security settings, it may not prevent the software from installing again - but it’s better than nothing. We’ll have to wait for First4Internet to develop a complete patch. If you’ve used the BMG uninstaller, be aware that it leaves around an ActiveX control that needs to be deleted so you don’t leave a wide open exploitable security hole on your system. The ActiveX control is signed and able to install programs without user interaction, so expect it to be exploited in the near future.

http://blogs.washingtonpost.com/securityfix/2005/11/sony_uninstall_.html

Manual uninstall directions:
http://www.freedom-to-tinker.com/?p=927

If you’re vulnerable, you can protect yourself by deleting the CodeSupport component from your machine. From the Start menu, choose Run. In the box that pops up, type (on a single line)

cmd /k del “%windir%\downloaded program files\codesupport.*�

This is not an ideal solution – depending on your security settings, it may not prevent the software from installing again - but it’s better than nothing. We’ll have to wait for First4Internet to develop a complete patch.

]]>