Recently there were warnings about opening WMA/WMV files from untrusted sources, in case they exploit Microsoft's DRM to display pop-ups and attempt to install adware or spyware on the user's PC. Now Microsoft has responded, claiming that this is not a flaw in its rights management tool or media player. They say that Windows XP Service Pack 2 will automatically block any attempted software downloads, and that those running earlier versions of Windows can also prevent automatic software downloads by raising Internet Explorer's security level to high.
According to Microsoft, the pop-ups are no more risky than an inexperienced user landing on a similar website and being tricked into downloading dodgy content. Panda Software issued an advisory warning about two dangerous Windows Media files, which can easily be spotted as they display a message thanking the user for the download and asking them to click 'Play' to listen on the website. Instead of playing the track, this actually downloads spyware to the user's PC.
As expected, Panda identified Overpeer as one culprit, a company known for fighting piracy by flooding P2P networks with fake content. However, Overpeer's chief executive officer denied responsibility for delivering software to consumers' PCs, although they do admit their fake content does display a pop-up to divert the user to a legal music download store. Another small company, 'Protected Media', was also involved. Microsoft announced that they will continue working on the problem and are planning to release an update that prevents Windows Media files from displaying a web page unless the user enables an option to do so.
Microsoft responded Friday, saying that the security risk does not arise from a flaw in its rights management tool, although the issue is triggered by an apparently content-protected file. Content distributors can use Windows Media Player to pop up a Web page with information about a video or song, and in this case, that page was apparently loaded with automatic spyware download mechanisms. The automatic downloads would be blocked on any computer running the Service Pack 2 release of Windows, Microsoft representatives said. People can also protect PCs running older versions of the operating system by turning up the security settings in Internet Explorer to "high," they added. "There is no way to automatically force the user to run the malicious software," Microsoft said in an e-mailed statement. "This function is not a security vulnerability in Windows Media Player or DRM." Read the full article here.
Even though Windows XP SP2 may prevent automatic downloads and pop-ups, there are still quite a lot of consumers out there running earlier versions of Windows or XP SP1. Also, as long as the content can display a web page tempting the user to download a file, there is a high risk of users getting infected. For example, the page might display "This media file requires a newer Windows Media codec, please download and install the following update and try again…" Many inexperienced users would believe whatever the pop-up says and follow any given steps.
Interestingly, even though Microsoft encourages media companies to use its audio format and rights management software, it seems that they are becoming well aware that consumers do not like having their content protected, especially when they encode it themselves. For example, in earlier versions of Windows Media Player such as version 9, copy protection was enabled by default for ripping CDs and a warning would be displayed if the user tried turning this option off:
However, once the user installs Windows Media Player 10 (Windows XP only) and goes back to the CD rip options, the 'copy protect' tick is gone:
Source: C|net News - Software flaws
