Sony BMG Reveals New Security Flaw: MediaMax Software on 5.7 Million CDs

The Internet Patrol - Patrolling the Internet for You

Sony BMG has just announced that a brand new security flaw has shipped on 5.7 million of their CDs, in the form of MediaMax “security” software by SunnComm Technologies. First the First4Internet rootkit, and now the MediaMax by SunnComm. Sony BMG has really stepped in it, haven’t they?

According to the Electronic Frontier Foundation, who discovered the MediaMax flaw while working with a computer security company, the flaw allows guest users on a Windows system to have privileges on the system which they shouldn’t otherwise have.


Explained Kurt Opsah, an attorney with the EFF, “It’s a privileged escalation attack. On Windows you can have users with different privileges, and because of security weakness in the permissions of a folder, it allows a low-ranked user to act as a high-ranked user.”

The affected CDs include Alicia Keys’ “Unplugged”, and Cassidy’s “I’m A Hustla”.

Here is the full list of titles affected sold in both the United States and Canada:

No Paywall Here!
The Internet Patrol is and always has been free. We don't hide our articles behind a paywall, or restrict the number of articles you can read in a month if you don't give us money. That said, it does cost us money to run the site, so if something you read here was helpful or useful, won't you consider donating something to help keep the Internet Patrol free?
Click for amount options
Other Amount:
What info did you find here today?:

 

United States:

Alicia Keys – Unplugged
Amici Forever – Defined
Babyface – Grown & Sexy
Black Rebel – Motorcycle Club Howl
Britney Spears – Hitme – Remix
Cassidy – I’m A Hustla
Chris Brown – Chris Brown
Cook, Dixon & Young – Volume One
David Gray – Life In Slow Motion
Dido – Dido Live
Faithless – Forever Faithless/ENH
Imogen Heap – Speak For Yourself
Judd & Maggie – Subjects
Leo Kottke/Mike Gordon – Sixty Six Steps
Maroon 5 – Live
My Morning Jacket – Z
Raheem Devaughn – The Love Experience
Santana – All That I Am
Sarah McLachlan – Bloom (Remix Album)
Stellastarr* – Harmonies for the Haunted
Syleena Johnson – Chapter 3: The Flesh
T-Pain – Rappa Ternt Sanga
Various – So Amazing: An All Star Tribute To Luther Vandross
Various – Songs Brown Hotel
Wakefield – Which Side Are You On?
Charlie Wilson – Charlie, Last Name Wilson
YoungBloodZ – Everybody Know Me

Canada

 

Alicia Keys – Unplugged
Amici Forever – Defined
Babyface – Grown & Sexy
Britney Spears – Hitme – Remix
Cassidy – I’m A Hustla
Charlie Wilson – Charlie, Last Name Wilson
Chris Brown – Chris Brown
David Gray – Life In Slow Motion
Imogen Heap – Speak For Yourself
Judd & Maggie – Subjects
Leo Kottke/Mike Gordon – Sixty Six Steps
Maroon 5 – Live Friday the 13th
Melissa O’Neil – Melissa O’Neil
My Morning Jacket – Z
Our Lady Peace – Healthy In Paranoid Times
Santana – All That I Am
Say Anything – …Is A Real Boy
Stellastarr* – Harmonies for the Haunted
Syleena Johnson – Chapter 3: The Flesh
The Trews – Den of Thieves
T-Pain – Rappa Ternt Sanga
Various – Canadian Idol High Notes
Various – Tribute To Luther

No Paywall Here!
The Internet Patrol is and always has been free. We don't hide our articles behind a paywall, or restrict the number of articles you can read in a month if you don't give us money. That said, it does cost us money to run the site, so if something you read here was helpful or useful, won't you consider donating something to help keep the Internet Patrol free?
Click for amount options
Other Amount:
What info did you find here today?:

One thought on “Sony BMG Reveals New Security Flaw: MediaMax Software on 5.7 Million CDs

  1. Speaking of Pearl Harbor day – Perhaps Sony is launching a new attack on us via their CDs!

Leave a Reply

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.