Bonum Certa Men Certa
Novell News Roundup: GroupLink, Bahrain's MOSD, Messaging Architects, SAP, and Training in India | Windows Insecurity Becomes a Political Issue

Microsoft DRM Makes More Windows Botnets, Adds No Security

Access control



Summary: New exploit takes advantage of Microsoft DRM (remotely-exploitable vulnerabilities), Engadget reviles DRM

Exploit-db.com has this new entry titled "Microsoft DRM Technology (msnetobj.dll) ActiveX Multiple Remote Vulnerabilities"



"Sort of what the FSF was saying back in the day MS released Vista with its flood of DRM embedded in it," remarked Chips B. Malroy on it. Here is what boingboing.net had to say about it:

Microsoft's DRM makes your computer vulnerable to attack



The msnetobj.dll library is an ActiveX control used by Microsoft's DRM; it is intended to prevent the owner of a computer from saving or viewing certain files except under limited circumstances, and to prevent the computer's owner from disabling it or interfering with it.


"DRM Library From Microsoft Opens Your Computer to Attacks," said IDG a few days later, citing boingboing.net.

"The msnetobj.dll library, an ActiveX Network Object, is no exception: according to BoingBoing, msnetobj.dll “is intended to prevent the owner of a computer from saving or viewing certain files except under limited circumstances, and to prevent the computer's owner from disabling” the library.

"Aside from mandating what sort of files you can and can’t open on your computer, msnetobj.dll is susceptible to three different types of attacks: denial of service, buffer overflow, and integer overflow. Exploit Database notes that “this issue is triggered when an attacker convinces a victim user to visit a malicious website” and that a hacker could then exploit these holes to run malicious code on your system."

An Engadget editor goes against DRM (very publicly in fact) some time during the weekend. Who can possibly blame him?

It's been said so many times, but I just got stung hard by the DRM bug, and since there's a "Senior Associate Editor" next to my name somewhere I get to complain about it. Now, if you're a regular consumer with a modicum of common sense, nothing I'm going to say here will come as a surprise or revelation. You're welcome to come along for the ride, but I'm pointing my quivering pen today at the media execs and their willing technologist accomplices that have the nerve in 2010 to enforce HDCP and other completely inane DRM and copy protection schemes to "protect" their content from theft...


The genesis of DRM and its conception was partly rooted in Bill Gates about a decade ago. It wasn't until Vista that they made it part of Windows (Vista 7 has that too).

“[Vista DRM] seems a bit like breaking the legs of Olympic athletes and then rating them based on how fast they can hobble on crutches.“

--Peter Gutmann

Novell News Roundup: GroupLink, Bahrain's MOSD, Messaging Architects, SAP, and Training in India | Windows Insecurity Becomes a Political Issue

Recent Techrights' Posts

Brett Wilson LLP Reported to Police for Trying to Throw Large Parcel Into Our Home
This morning the campaign of intimidation...
Slop Has no ROI, an Economy Built on False Assumptions of Slop is Doomed
we're all going to suffer from this Ponzi scheme
The Cyber Show Has "Exciting Guests Coming" and a Gemini Capsule
"Site development is ongoing but now settling into a more stable form"
Banning Things Versus Teaching People the Reason/s to Shun/Boycott Those Things
Prohibition has its limits
 
Links 08/06/2026: "Rising Emissions, Depleting Water" Due to the Pyramid Scheme of Slop; "Canada Needs to Rebuild Public Telecoms"
Links for the day
GAFAM Bots Are Not "Good Bots"
There's nothing "Good" about Google
Links 08/06/2026: Criticism of Microsoft Trying to Criminalise Pointing Out Bug Doors, TikTok Now "Climate-Denying Social Media App"
Links for the day
GNU/Linux Measured at 10% in Liechtenstein This Month
it seems like statCounter wrongly classified some GNU/Linux clients as Mac clients and is now issuing a correction
Communicating With Freedom - Part III - Quibble Envisioned as a New and Easily Accessible Communications Platform Based on LibreJS
the FSF really needs to become more active if not proactive in promoting those sorts of things
Clownflare Says Majority of Web Traffic is Now Bots, But the Net is Another Story
Bots are to Clownflare what lawsuits are to lawyers
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, June 07, 2026
IRC logs for Sunday, June 07, 2026
The Strikes at the European Patent Office Planned to Carry on for the Entire Year, Maybe Future Years as Well
There's a cautionary tale somewhere
Number of Patent Grants Has Plunged 23% Amid Strikes at the European Patent Office, Today There Are More Strikes (Strike Participation at Over 3,000, More Than Doubled Since Winter)
There is a growing crisis at the European Patent Office
E.E.E. Still Ongoing, the War on Copyleft/GPL Enables That
It also imperils security.
Gemini Links 07/06/2026: Lynx in the 'Modern' Web and 'Overcooked' (Plagiarised by LLM) Code
Links for the day
Links 07/06/2026: Java Needs Seawall, Egypt Blasted for Arbitrary Detention of Activists
Links for the day
SLAPP Censorship - Part 100 Out of 200: Interlude and Outline of the First Half, 3+ Months That Got Us Death Threats Connected to Brett Wilson LLP (and Cyber Attacks That Are Difficult to Attribute)
This week we plan to have a good time
Links 07/06/2026: NASA's Mars Maven Declared Dead, Telegram Founder Pavel Durov Bemoans Russia's Crackdown
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, June 06, 2026
IRC logs for Saturday, June 06, 2026
Gemini Links 07/06/2026: How to Train Your Dragon (2010) and "Six Days of Play"
Links for the day
Links 06/06/2026: 'Epstein Problem' in Board of Directors of Microsoft, Surveillance Giant Google Under Legal Threats for Online Misuses
Links for the day
Software Freedom Takes a Lot More Than Coding
some of the roles in the Free software community that don't receive (m)any grateful words
Ubuntu is Losing to Other GNU/Linux Distros
"Linux Mint"
Old Articles Explaining That Patents - Especially Software Patents - Are Bad for Innovation
We've omitted more than 50% of the articles we had gathered as candidates for inclusion
European Patent Office (EPO) Crisis: Huge EPO Strikes, Profound Corruption, and Cocaine Use by Managers Tolerated
These strikes won't be ending any time soon
Why GNU and FSF Will Choose AV1 Over AV2 (It's More Widely Supported)
for the foreseeable future they'll stick with AV1
Mass Layoffs (RAs) and PIPs (Excuses to Sack) at IBM: Insiders Tell No Relation to Actual Performance
If many thousands are impacted by this, then certainly it is newsworthy
Links 06/06/2026: LinkedIn Infested With Spies, Ethernet WiFi Router On Pi Pico 2W
Links for the day
25 Years With PalmOS
That my Palm PDA still works in 2026 (not in mint condition but close to that) says a lot about the "build quality" of gadgets 20+ years ago
Why We Dumped Online Shopping (Groceries)
subsidies kept the "online" stuff artificially cheap
Microsoft Fell to All-Time Low in Monaco Last Month
So says statCounter anyway
Lawsuits That Don't Work
Not as expected anyway
SLAPP Censorship - Part 99 Out of 200: Graveley and Garrett Seem to Have Crashed Brett Wilson LLP (Worse Than Taking Russian Oligarchs as SLAPP Clients)
a state of disarray
Microsoft Has Spent Months Preparing Lists of People to Cull in Massive Wave of Layoffs (Allegedly Start of July)
There is some consensus that we're weeks away from mega-layoffs at Microsoft
Gemini Links 06/06/2026: "Competing" With LLMs and "Automation of Any Kind"
Links for the day
Links 06/06/2026: 'Linux' Foundation Openwashing Slop on Microsoft's Payroll, Ukraine Wants Permanent Ceasefire With Russia
Links for the day
50% of the 'Gains' Made by "Quantum" Hype Already Evaporated
"It was all hype about quantum nonsense. Heading back to reality now. Expect sub-$220 after earnings release next month."
Heap of Trash Online, Not Just the Fault of LLM Slop But Enabled by Slop
Google News has just promoted a pair of prolific slopfarms
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, June 05, 2026
IRC logs for Friday, June 05, 2026