Microsoft Joins Fight Against Sony Copy-Protection
Microsoft will update its security tools to detect the rootkit-infected Sony XCP software.
Microsoft's security tools will be updated to detect the controversial Sony BMG copy protection software installed on PCs when some audio CDs are played, the software giant said over the weekend.
The Redmond, Wash.-based developer joins other security vendors -- including some which acted a week earlier -- to label the copy protection as spyware.
"We have analyzed this software, and have determined that in order to help protect our customers we will add a detection and removal signature for the rootkit component of the XCP software to the Windows AntiSpyware beta," wrote Jason Garms, the group program manager for Microsoft's anti-malware team, on his blog Saturday.
"Rootkits have a clearly negative impact on not only the security, but also the reliability and performance of their systems," added Garms.
Next month, Microsoft will also add the Sony rootkit to the worms, Trojans, and viruses detected and deleted by Windows Malicious Software Removal Tool, which is updated and re-issued the second Tuesday of each month.
Sony's copy-protection scheme has been under fire since the month began, with security researchers and vendors blasting Sony for using the rootkit, which could be used by attackers to hide malicious code. At least two Trojan horses using the Sony rootkit for just that purpose have been spotted.
Microsoft was not the first to blacklist the rootkit. Earlier, security firms such as F-Secure and Computer Associates had labeled slapped a spyware label on Sony's copy-protection.
Microsoft's move should be applauded by an overwhelming number of users, said U.K.-based security company Sophos, which on Monday released the results of an online poll that showed 98 percent of system administrators consider the Sony rootkit a security threat.
"System administrators have a very low opinion of any code which endangers the safety of their networks, and they have sent a loud and clear message to Sony and other companies that this kind of code is unacceptable," said Graham Cluley, a senior technology consultant at Sophos.
"In taking aim at the music pirates, Sony succeeded only in shooting itself in the foot."
5 Top Federal Initiatives For 2015As InformationWeek Government readers were busy firming up their fiscal year 2015 budgets, we asked them to rate more than 30 IT initiatives in terms of importance and current leadership focus. No surprise, among more than 30 options, security is No. 1. After that, things get less predictable.