In association with heise online

28 August 2007, 13:53

Sony MicroVault software has rootkit function

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Warnings raised by F-Secure anti-virus have made the vendor aware of a problem with the support software bundled with Sony's MicroVault USM-F USB stick with fingerprint reader. The software hides on the system using rootkit techniques. This is not a first from Sony. In 2005, the Sony-Bertelsmann operated music subsidiary Sony BMG drew attention to itself with a copy protection mechanism for audio CDs that also implanted itself on the computer as a rootkit.

After installation, the fingerprint reader support software hides a subdirectory of C:\Windows\. Malware can also hide in there. Not only the software from the provided CD, but also the updated version from Sony's website install themselves as a rootkit.

The software probably uses its rootkit functions to prevent manipulation of the authentication system – in contrast to the copy protection rootkit, which tried to revoke user access. Apparently the MicroVault USB sticks in question are older products that are no longer being manufactured. Those not reliant on the software should preferably uninstall it, in order to eliminate a hiding place for malware. It is possible that Sony will be releasing an additional version which doesn't use rootkit techniques.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit