RE: Sony's Web-Based Uninstaller Opens a Big Security Hole; Sony to Recall Discs

["Hubbard, Dan" <dhubbard () websense com>]

I believe this is it:
 
CLSID:4EA7C4C5-C5C0-4F5C-A008-8293505F71CC

________________________________

From: funsec-bounces () linuxbox org on behalf of Aditya Deshmukh
Sent: Tue 11/15/2005 6:26 PM
To: 'Richard M. Smith'; funsec () linuxbox org
Subject: RE: [funsec] Sony's Web-Based Uninstaller Opens a Big Security Hole;Sony to Recall Discs



> CodeSupport remains on your system after you leave Sony's site, and it is
> marked as safe for scripting, so any web page can ask CodeSupport to do
> things. One thing CodeSupport can be told to do is download and install
code
> from an Internet site. Unfortunately, CodeSupport doesn't verify that the
> downloaded code actually came from Sony or First4Internet.

Does deleting codesupport from "downloaded program files" ie the actvix
cache
folder solve this problem ?

Also does someone has its CLASSID so it can be added to the block list ?


________________________________________________________________________
Delivered using the Free Personal Edition of Mailtraq (www.mailtraq.com)
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.


_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.