Sony BMG has just announced that a brand new security flaw has shipped on 5.7 million of their CDs, in the form of MediaMax “security” software by SunnComm Technologies. First the First4Internet rootkit, and now the MediaMax by SunnComm. Sony BMG has really stepped in it, haven’t they?
According to the Electronic Frontier Foundation, who discovered the MediaMax flaw while working with a computer security company, the flaw allows guest users on a Windows system to have privileges on the system which they shouldn’t otherwise have.
Explained Kurt Opsah, an attorney with the EFF, “It’s a privileged escalation attack. On Windows you can have users with different privileges, and because of security weakness in the permissions of a folder, it allows a low-ranked user to act as a high-ranked user.”
The affected CDs include Alicia Keys’ “Unplugged”, and Cassidy’s “I’m A Hustla”.
Here is the full list of titles affected sold in both the United States and Canada:
The Internet Patrol is completely free, and reader-supported. Your tips via CashApp, Venmo, or Paypal are appreciated! Receipts will come from ISIPP.
CashApp us
Venmo us
Paypal us
United States:
Alicia Keys – Unplugged
Amici Forever – Defined
Babyface – Grown & Sexy
Black Rebel – Motorcycle Club Howl
Britney Spears – Hitme – Remix
Cassidy – I’m A Hustla
Chris Brown – Chris Brown
Cook, Dixon & Young – Volume One
David Gray – Life In Slow Motion
Dido – Dido Live
Faithless – Forever Faithless/ENH
Imogen Heap – Speak For Yourself
Judd & Maggie – Subjects
Leo Kottke/Mike Gordon – Sixty Six Steps
Maroon 5 – Live
My Morning Jacket – Z
Raheem Devaughn – The Love Experience
Santana – All That I Am
Sarah McLachlan – Bloom (Remix Album)
Stellastarr* – Harmonies for the Haunted
Syleena Johnson – Chapter 3: The Flesh
T-Pain – Rappa Ternt Sanga
Various – So Amazing: An All Star Tribute To Luther Vandross
Various – Songs Brown Hotel
Wakefield – Which Side Are You On?
Charlie Wilson – Charlie, Last Name Wilson
YoungBloodZ – Everybody Know Me
Canada
Alicia Keys – Unplugged
Amici Forever – Defined
Babyface – Grown & Sexy
Britney Spears – Hitme – Remix
Cassidy – I’m A Hustla
Charlie Wilson – Charlie, Last Name Wilson
Chris Brown – Chris Brown
David Gray – Life In Slow Motion
Imogen Heap – Speak For Yourself
Judd & Maggie – Subjects
Leo Kottke/Mike Gordon – Sixty Six Steps
Maroon 5 – Live Friday the 13th
Melissa O’Neil – Melissa O’Neil
My Morning Jacket – Z
Our Lady Peace – Healthy In Paranoid Times
Santana – All That I Am
Say Anything – …Is A Real Boy
Stellastarr* – Harmonies for the Haunted
Syleena Johnson – Chapter 3: The Flesh
The Trews – Den of Thieves
T-Pain – Rappa Ternt Sanga
Various – Canadian Idol High Notes
Various – Tribute To Luther
The Internet Patrol is completely free, and reader-supported. Your tips via CashApp, Venmo, or Paypal are appreciated! Receipts will come from ISIPP.
CashApp us
Venmo us
Paypal us
Speaking of Pearl Harbor day – Perhaps Sony is launching a new attack on us via their CDs!