Sony BMG Reveals New Security Flaw: MediaMax Software on 5.7 Million CDs

If you find this useful please share it!



 

Sony BMG has just announced that a brand new security flaw has shipped on 5.7 million of their CDs, in the form of MediaMax “security” software by SunnComm Technologies. First the First4Internet rootkit, and now the MediaMax by SunnComm. Sony BMG has really stepped in it, haven’t they?

According to the Electronic Frontier Foundation, who discovered the MediaMax flaw while working with a computer security company, the flaw allows guest users on a Windows system to have privileges on the system which they shouldn’t otherwise have.


 

Explained Kurt Opsah, an attorney with the EFF, “It’s a privileged escalation attack. On Windows you can have users with different privileges, and because of security weakness in the permissions of a folder, it allows a low-ranked user to act as a high-ranked user.”

The affected CDs include Alicia Keys’ “Unplugged”, and Cassidy’s “I’m A Hustla”.

Here is the full list of titles affected sold in both the United States and Canada:

United States:

(Article continues below)
Get notified of new Internet Patrol articles for free!
Or Read Internet Patrol Articles Right in Your Inbox!
as Soon as They are Published! Only $1 a Month!

Imagine being able to read full articles right in your email, or on your phone, without ever having to click through to the website unless you want to! Just $1 a month and you can cancel at any time!
Sony BMG Reveals New Security Flaw:  MediaMax Software on 5.7 Million CDs

Alicia Keys – Unplugged
Amici Forever – Defined
Babyface – Grown & Sexy
Black Rebel – Motorcycle Club Howl
Britney Spears – Hitme – Remix
Cassidy – I’m A Hustla
Chris Brown – Chris Brown
Cook, Dixon & Young – Volume One
David Gray – Life In Slow Motion
Dido – Dido Live
Faithless – Forever Faithless/ENH
Imogen Heap – Speak For Yourself
Judd & Maggie – Subjects
Leo Kottke/Mike Gordon – Sixty Six Steps
Maroon 5 – Live
My Morning Jacket – Z
Raheem Devaughn – The Love Experience
Santana – All That I Am
Sarah McLachlan – Bloom (Remix Album)
Stellastarr* – Harmonies for the Haunted
Syleena Johnson – Chapter 3: The Flesh
T-Pain – Rappa Ternt Sanga
Various – So Amazing: An All Star Tribute To Luther Vandross
Various – Songs Brown Hotel
Wakefield – Which Side Are You On?
Charlie Wilson – Charlie, Last Name Wilson
YoungBloodZ – Everybody Know Me

Canada

Alicia Keys – Unplugged
Amici Forever – Defined
Babyface – Grown & Sexy
Britney Spears – Hitme – Remix
Cassidy – I’m A Hustla
Charlie Wilson – Charlie, Last Name Wilson
Chris Brown – Chris Brown
David Gray – Life In Slow Motion
Imogen Heap – Speak For Yourself
Judd & Maggie – Subjects
Leo Kottke/Mike Gordon – Sixty Six Steps
Maroon 5 – Live Friday the 13th
Melissa O’Neil – Melissa O’Neil
My Morning Jacket – Z
Our Lady Peace – Healthy In Paranoid Times
Santana – All That I Am
Say Anything – …Is A Real Boy
Stellastarr* – Harmonies for the Haunted
Syleena Johnson – Chapter 3: The Flesh
The Trews – Den of Thieves
T-Pain – Rappa Ternt Sanga
Various – Canadian Idol High Notes
Various – Tribute To Luther

We know you're sick of ads on websites. But we still need to pay to keep the lights on for you. So instead of huge ads and video ads, we use smaller, plainer ads. Still, if you'd like to support the Internet Patrol but not the ads, please consider supporting us here:
Donate via Paypal
Other Amount:

  
No Paywall Here!
The Internet Patrol is and always has been free. We don't hide our articles behind a paywall, or restrict the number of articles you can read in a month if you don't give us money. That said, it does cost us money to run the site, so if something you read here was helpful or useful, won't you consider donating something to help keep the Internet Patrol free? Thank you!

Sony BMG Reveals New Security Flaw:  MediaMax Software on 5.7 Million CDs

Get notified of new Internet Patrol articles!

If you find this useful please share it!

1 Reply to “Sony BMG Reveals New Security Flaw: MediaMax Software on 5.7 Million CDs”

  1. Speaking of Pearl Harbor day – Perhaps Sony is launching a new attack on us via their CDs!

Leave a Reply

Your email address will not be published. Required fields are marked *