Amazon.com has begun to recall and replace all the SONY-BMG XCP CDs bought from its site. They have also sent letters to users and have published a note on its website alongside all products that contain the XCP technology.
"Due to security concerns raised about the use of CDs containing this software on PCs, Sony has recalled these CDs and has asked Amazon.com to remove all unsold CDs with XCP software from our store. If you purchased this CD from Amazon.com, you may return it to us for a full refund regardless of whether the CD is opened or unopened. Just visit www.amazon.com/returns and indicate that the CD is "defective" as the reason for return," the Amazon note reads.
People with too much time on their hands have developed viruses that exploit the vulnerability in SONY-BMG’s rootkit DRM software, XCP (Extended Copy Protection) that came bundled with selected music CDs. Essentially, files whose names begin with "$sys$" were hidden from the user and could only be revealed by a rootkit scanner, such as RootKit Revealer.
What exactly is a rootkit? Here’s a definition from Wikipedia.com.
“A rootkit is a set of software tools frequently used by a third party (usually an intruder) after gaining access to a computer system. These tools are intended to conceal running processes, files or system data, which helps an intruder maintain access to a system without the user's knowledge. Rootkits are known to exist for a variety of operating systems such as Linux, Solaris and versions of Microsoft Windows.”
If you were clever enough to uninstall SONY’s rootkit, you ran the risk of making your CD-rom drive inoperable or having your computer repeatedly crashing or reboot. To make matters worse, if you downloaded and installed SONY’s “patch”, you created even more vulnerabilities on your computer. The patch, designed to remove portions of the XCP software that would allow the first vulnerability, actually installs another program on your computer that stays resident, after the patch has done its job. Believe it or not, but the way the tool works, it actually allows any web page that you visit to now download and execute code that it likes!!! Talk about going from the frying pan and into the fire!