X

Microsoft will wipe Sony's 'rootkit'

Security tools will detect and remove part of the copy protection tools installed on PCs when music CDs are played.

Joris Evers Staff Writer, CNET News.com
Joris Evers covers security.
Joris Evers
2 min read
Microsoft will update its security tools to detect and remove part of the copy protection tools installed on PCs when some music CDs are played.

The Redmond, Wash., software maker has determined that the "rootkit" piece of the XCP software on some Sony BMG Music Entertainment CDs can pose a security risk to Windows PCs, according to a posting Saturday to a Microsoft corporate Web log.

The Sony BMG software installs itself deeply inside a hard drive when a CD is played on a PC. The technology uses rootkit techniques to hide itself. Experts blasted the cloaking mechanism, saying it could be abused by virus writers. The first remote-control Trojan horses that take advantage of the veil provided by Sony BMG have surfaced.

To protect Windows users, Microsoft plans to update Windows AntiSpyware and the Malicious Software Removal Tool as well as the online scanner on Windows Live Safety Center to detect and remove the Sony BMG software, the software maker said in its blog.

Windows AntiSpyware is Microsoft's spyware-fighting software that is currently available as a test version and used by millions of people worldwide. Microsoft provides weekly updates for Windows AntiSpyware. The Windows Malicious Software Removal Tool is updated monthly and is part of Microsoft's monthly patch releases.

Detection and removal of the rootkit component will also be in Windows Defender, the forthcoming update to Windows AntiSpyware that will also be part of Windows XP successor Windows Vista, Microsoft said.

In its move to detect and remove the Sony BMG rootkit, Microsoft follows other makers of security software. Symantec and Computer Associates are among those that are offering, at minimum, rootkit detection capabilities in their products. Sony BMG itself has provided a patch that fixes the security problem and still allows CDs to be played on PCs.

On Friday, Sony said it had halted production of CDs with the controversial technology, which is designed to limit the number of copies that can be made of the CD and to prevent a computer user from making unprotected MP3s of the music. Sony does still produce CDs that use a different copy protection scheme.