Bonum Certa Men Certa
Novell News Roundup: GroupLink, Bahrain's MOSD, Messaging Architects, SAP, and Training in India | Windows Insecurity Becomes a Political Issue

Microsoft DRM Makes More Windows Botnets, Adds No Security

Access control



Summary: New exploit takes advantage of Microsoft DRM (remotely-exploitable vulnerabilities), Engadget reviles DRM

Exploit-db.com has this new entry titled "Microsoft DRM Technology (msnetobj.dll) ActiveX Multiple Remote Vulnerabilities"



"Sort of what the FSF was saying back in the day MS released Vista with its flood of DRM embedded in it," remarked Chips B. Malroy on it. Here is what boingboing.net had to say about it:

Microsoft's DRM makes your computer vulnerable to attack



The msnetobj.dll library is an ActiveX control used by Microsoft's DRM; it is intended to prevent the owner of a computer from saving or viewing certain files except under limited circumstances, and to prevent the computer's owner from disabling it or interfering with it.


"DRM Library From Microsoft Opens Your Computer to Attacks," said IDG a few days later, citing boingboing.net.

"The msnetobj.dll library, an ActiveX Network Object, is no exception: according to BoingBoing, msnetobj.dll “is intended to prevent the owner of a computer from saving or viewing certain files except under limited circumstances, and to prevent the computer's owner from disabling” the library.

"Aside from mandating what sort of files you can and can’t open on your computer, msnetobj.dll is susceptible to three different types of attacks: denial of service, buffer overflow, and integer overflow. Exploit Database notes that “this issue is triggered when an attacker convinces a victim user to visit a malicious website” and that a hacker could then exploit these holes to run malicious code on your system."

An Engadget editor goes against DRM (very publicly in fact) some time during the weekend. Who can possibly blame him?

It's been said so many times, but I just got stung hard by the DRM bug, and since there's a "Senior Associate Editor" next to my name somewhere I get to complain about it. Now, if you're a regular consumer with a modicum of common sense, nothing I'm going to say here will come as a surprise or revelation. You're welcome to come along for the ride, but I'm pointing my quivering pen today at the media execs and their willing technologist accomplices that have the nerve in 2010 to enforce HDCP and other completely inane DRM and copy protection schemes to "protect" their content from theft...


The genesis of DRM and its conception was partly rooted in Bill Gates about a decade ago. It wasn't until Vista that they made it part of Windows (Vista 7 has that too).

“[Vista DRM] seems a bit like breaking the legs of Olympic athletes and then rating them based on how fast they can hobble on crutches.“

--Peter Gutmann

Novell News Roundup: GroupLink, Bahrain's MOSD, Messaging Architects, SAP, and Training in India | Windows Insecurity Becomes a Political Issue

Recent Techrights' Posts

SLAPP Censorship - Part 80 Out of 200: Having Run Out of Time to Meet a Judge's Deadline, Microsoft's Graveley Had Garrett's Lawyers Argued My ~190-Page Defence and CounterClaim (DCC) Was Unclear About My Position
Nothing could be further from the truth
 
Cooperation and Collaboration, on a More Personal Level
Rianne, to me, isn't just a wife; she is also my best friend
IBM Has Payroll Problems (Just Like Microsoft)
It's a good thing that many nations around the world are, accordingly if not proactively, divesting from GAFAM
Links 18/05/2026: 25 Years of OLDaily and Dangers of "Living With Too Much Tech"
Links for the day
Trips to London
London isn't a bad place, but it's a long journey and we'd rather stay in Manchester and write about technology
Working in the Shell (and Fish)
Yesterday we spent about 5 hours on the shells and fish
The Corrupt Lecture the Non-Corrupt - Part XXVI - Campinos Has Put Unfit-for-Employment Drug Addicts in Charge of the European Patent Office (EPO)
How many months has Campinos got left before the delegates show him the door?
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, May 17, 2026
IRC logs for Sunday, May 17, 2026
Gemini Links 18/05/2026: Poetry, Sauna, and GNU Taler
Links for the day
"The Society of Media Lawyers" (UK) is a Truly Malicious Anti-Media Lobby Which Helps Rich/Abusive Americans and Hostile Countries Attack Actual Media Workers in the UK
They typically source their money from aboard to besiege domestic actors (like honest journalists or independent outlets that document suppressed beats/topics)
Slop Still Waning, Its Momentum is Driven by Companies That Stand to Lose a Lot (or Everything) When the Bubble Pops
When it comes to LLM slop disguised as news, it's just not working out
Gemini Links 17/05/2026: arXiv Brings Down the Hammer, UnderPOWERed, and Slopping With Tcl/Tk
Links for the day
Links 17/05/2026: Amazon Employees Herded Into Slop, Taiwan Sold Down the River by Cheeto
Links for the day
Links 17/05/2026: Society of Media Lawyers (Brett Wilson LLP et al) Lobby for More SLAPPs in the UK, “Courage in Journalism Award” Given in Oppressive Country
Links for the day
Finland Needs to Dump Microsoft (Microslop) for National Security Reasons and the Same is True for Hundreds of Countries
"I don't see why Ryssäs would want Finns to use microslop products..."
Cyber Show UK is Already Available Over Gemini Protocol
This past week the total number of active Gemini capsules hit all-time records several times
Fight Til the End
This comes to show that persistence pays off
SLAPP Censorship - Part 79 Out of 200: They Will Soon Reach the 100 KG (Kilograms) Milestone; Wheelbarrows, Not Justice (Quantity of Legal Papers Sent to Us)
It's about the quality, not quantity (unless your sole aim is to drown out or "flood the zone")
The Corrupt Lecture the Non-Corrupt - Part XXV - Not Bringing Intelligence to the EPO, Not 'Artificial Intelligence' Either (But Intelligence-Eroding Drugs)
The EPO was meant to be about science and law. In practice, however, it's about breaking the law and being stoned.
The Cyber Show on Why Coding is Important and Slop Cannot Change or Replace That
Hand-crafting one's site has plenty of advantages
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, May 16, 2026
IRC logs for Saturday, May 16, 2026
Gemini Links 17/05/2026: Music Theory, Reticulum Git Repos, and Releasing Kiln
Links for the day
Links 16/05/2026: Cuba Plunges Into Darkness (Energy Wasted by Nonsense), Googlebooks as Slop Nonsense (Energy Waste and Time Wasted)
Links for the day
Links 16/05/2026: Climate Issues, Free Speech, and Monopolies/Monopsonies
Links for the day
Gemini Links 16/05/2026: Retreat and Devuan Manuals
Links for the day
SLAPP Censorship - Part 78 Out of 200: Slandering Me for Saying the Truth About Graveley and Garrett's Abuse of Processes, Stacking Dockets
These are the sorts of things British taxpayers ought to talk about
"AI" Became a New Name or Placeholder for Debt
Because they will only ever lose money for this thing with "tokens" or "potential"
"Microsoft Goodwill and Intangible Assets" Down Two Years in a Row, According to Microsoft
Microsoft cannot sell these, so what is their real relevance?
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, May 15, 2026
IRC logs for Friday, May 15, 2026
IBM: Shares Down 30%, Mass Layoffs, IBM Says "Goodwill" Grew by 10% to Over a Third of the Company's Total "Worth"
According to IBM
Microsoft LinkedIn Layoffs "Very Likely Higher" Than 1,000 People
Microsoft is bleeding