funsec mailing list archives

Previous By Date Next
Previous By Thread Next

Sony's insecure uninstaller ActiveX control is still live

From: "Richard M. Smith" <rms () computerbytesman com>
Date: Wed, 16 Nov 2005 17:18:29 -0500
Hi,

My business partner just discovered that the insecure Sony uninstaller
ActiveX control is still live on the Web.  Here's the download URL for the
ActiveX .CAB file:
 
    http://www.xcp-aurora.com/clients/SoftwareUpdate.cab 

This URL first showed up in a HijackThis log file from July of this year
according to Google.

The download Web site is owned by First 4 Internet Ltd, the developer of the
now infamous Sony "DRM" technology:

      First 4 Internet Ltd
      Ceri Coburn
      Unit 6, Bridgend Bussiness Centre, Bennet St
      Bridgend, - CF313SH
      GB
      Phone: +44(0)1656651885
      Fax..: +44(0)1656651299
      Email: ceri () first4internet co uk

As an aside, does First 4 Internet have permission from all the appropriate
copyright owners to republish these articles on their Web site:

   http://www.xcp-aurora.com/press_related.aspx

Richard M. Smith
http://www.computerbytesman.com




_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
Previous By Date Next
Previous By Thread Next

Current thread: