DRM causes vulnerabilities

This image is from Microsoft's DRM page.

We often hear people touting the evilness of DRM, but usually they are talking about the idea of ownership. In this case, DRM is actually causing harm. It turns out that Microsoft’s msnetobj.dll, which is supposed to enforce DRM on your computer by stopping you from doing certain things, like saving files you don’t “own”, is open to 3 attacks. Vulnerable to buffer overflow, integer overflow, and denial of service, this sucker is riddled with issues.

The vulnerabilities in this file aren’t groundbreaking. Buffer overflows are a common way to get into many systems. The problem here, according to some commenters at BoingBoing, is the fact that this DLL is called every time you open a media file.

[via BoingBoing]

26 thoughts on “DRM causes vulnerabilities”

  1. “it’s on hackaday because they forgot they aren’t SlashDot again”

    well to be fair slashdot is too busy forgetting they are not macworld so someone has to do it

  2. “… the fact that this DLL is called every time you open a media file”

    Then don’t use a player that uses that DLL ;)

    Btw, what does this have to do with hacking?

  3. Why doesn’t one of you guys write a fix/exploit for M$’ msnetobj.dll instead of complaining why it’s here, and give Hack-a-day something more to post about?

  4. OMG someone please code a new msnetobj.dll because i don’t want to be able to possess any music that i didn’t pay for and thus legally own the right to play in my own home or car, as long as it is not duplicated and played at a volume where someone who didn’t pay for the song might hear it.
    Damn Radio Music.

  5. idk what milw0rm is but i use btjunkie.org for my legal torrenting pleasure and they seem to have been under attack recently or maybe it really is just massive server load from all the traffic that moved to btjunkie after tpb and the others got shut down. i never used any of the ones that got shut down anyway

  6. yeah it does seem to be online. idk my friend said they got shut down & novatorrent or some shit but i never used TPB because of all the bullshit, i can deal with 2 ads and the ease of use of btjunkie, plus it’s easier to distinguish real from fake

  7. M4CGYV3R her you can remote access.

    remember code red from 2000 and 2001? it was the string from byte 256 or 257 and on in a web page url.

    the iis servers did not check the length of the buffer.

    now that has been solved because sites like ebay allow very long urls by the time you get lots of excluded keywords in there.

    so why couldn’t they do it again and check the length of the buffer whether it is a text entry field like this comment box or the length of the file and not allow it to run.

  8. @sexiwasd
    Are you running as root?
    Maybe you should try running updatedb first?
    If you still can’t find it I’ll bet Richard Bloody Stallman stole it!

  9. As for not finding it, w7 is particularly authoritarian in hiding files, it’s located in windows/system32 as well as windows/syswow64 if you run a 64bit flavor.

    And as for not using a player that uses it, that would not work since then you still have the preview icon that’s created by windows, so you’d have to remove previews again (again since windows had similar issues twice already).
    And even then, most players that have their own codecs still fall back to windows stuff when meeting some formats.

    I have my own question to add: Did anybody at MS ever code anything with some kind of check on the input to stop buffer overflow? Or did gates fire you if you showed competence?

    @spit He’d delete it not steal it.

  10. Another good reason to switch to Linux. On my last computer build I used Ubuntu and then I switched my server to Debian. Next I switched my kitchen computer to Linux Mint and I am now Microsoft free. There was a big learning curve after running Windows for so many years so I look at that as a “hack”. Well worth the effort, give it a try.
