29 November 2005

SonyBMG’s “malware”

Threats to computer security may come from unexpected sources...

Probably the biggest IT story in the last few weeks has been the discovery of SonyBMG’s distribution of “rootkit” software on its audio CDs. The rootkit software installed itself secretly on PCs and was designed to manage copying of the music from the CD onto the computer. Designed as a copy protection system, it also inadvertently provided a new opportunity for third parties to install malware on computers infected with the rootkit: there are two known exploitations of the rootkit by malware developers. Removal of the rootkit damages Windows.

While Macintosh computers were not affected by the rootkit, SonyBMG had an alternative system that did work on Macs, but users had to agree to the software’s installation whereas with the PC version the installation was done automatically and the software hidden.

SonyBMG has since stopped shipping CDs with the rootkit and recalled all affected CDs. Microsoft will be releasing removal software as a part of its regular Windows Update service to remove the rootkit and repair infected systems.