Microsoft to boost Media Player security

Microsoft says it will patch versions of Windows Media Player to prevent users from inadvertently downloading viruses, adware, and spyware when opening copy-protected media files. The update will be available within 30 days, the company says.

Meanwhile Microsoft is urging users of Windows Media Player versions 9 and 10 to be cautious when opening Windows Media Audio files downloaded from peer-to-peer file sharing services.

The problem, first reported by PC World, stems from the way Windows Media Player 9 and 10 automatically acquire licensing information for copy-protected content, a technology known as digital rights management, or DRM. Microsoft's DRM technology acts as an antipiracy measure, ensuring that copy-protected digital files aren't mass-distributed over peer-to-peer networks.

The company also suggests that users change some system settings until the updates to Windows Media Player 9 and 10 become available.

Security experts confirm that hackers and distributors of adware are using a loophole in Microsoft's DRM license acquisition process to display advertising, to initiate the download of adware to PCs, and to distribute viruses.

"People should always use caution when downloading any file off the Internet," says David Caulton, group product manager for Microsoft's Windows Digital Media Division. "We are giving our customers more control over their choices when it comes to accessing the Internet for DRM information."

Potential for serious damage

Currently there is no way to keep Windows Media Player from automatically attempting to connect to the Internet when you try to play specially crafted Windows Media files. The updates to Media Player 9 and 10, expected within a month, will allow users to prevent such Internet access when media files are played.

Given the popularity of P-to-P networks where these infected media files are proliferating, "this could easily become an epidemic very quickly," says Patrick Hinojosa, chief technology officer for Panda Software.

Antivirus utility provider Panda Software reported earlier this month that it had detected two new Trojan horse programs in video files circulating on peer-to-peer networks. The company estimates that "tens of thousands" of PCs have already been infected by Trj/WmvDownloader.A and Trj/WmvDownloader.B, which sneak onto systems via the Media Player and attempt to install malicious programs and viruses.

Loophole described

The problem starts when a user tries to play a DRM-protected file. Normally, when you download a protected Windows Media file, you also receive a license that permits playback. If Windows Media Player can't find a valid license on your PC, it checks in with a remote system running Microsoft's Windows Media DRM Server.

That DRM feature automatically triggers an Internet Explorer browser session. Under normal circumstances, the browser page that opens should walk the user through a license acquisition process.

Since the license dialog box acts just like an Internet Explorer window, it can display whatever HTML coding is on the page that the file points to -- whether it's a legitimate request for license information or a script that launches ads.

PC World found that some Windows Media files on peer-to-peer networks such as Kazaa contain ad-spawning code. The affected files are indistinguishable from files containing songs or short videos in Windows Media format, but when played they launch ads instead of media clips. When we ran the files, we noted over a half dozen pop-ups, several attempts to download adware onto our test PC, and an attempt to hijack our browser's home page.


Tom Spring

PC World