![]()
Owners of Sony’s MicroVault USB memory stick may well be digging nails into bloody palms and furiously grinding their teeth following news that the seemingly innocuous little device can potentially render computer systems open to attacks by nefarious hackers, reports Reuters.
More pointedly, researchers from two separate Internet security groups have discovered that the MicroVault USB memory stick and fingerprint reader is secreting a hidden directory – or rootkit – onto the computer hard drives of its users. The rootkit can subsequently provide the perfect home for viruses and other malicious hacker code because security software and anti-virus programs are often unable to spot the infections contained within them.
Finnish security software company F-Secure reported the uncovering of Sony’s latest rootkit hiccup via its official blog on Monday, with researchers explaining that informative communications had been dispatched to Sony prior to public release of the news, but the Japanese consumer electronics firm had failed to respond.
The following day, California-based Internet security company McAfee Inc. also confirmed the existence of Sony’s rootkit vulnerability, outlining that the rootkit’s design was to "cloak sensitive files related to the fingerprint verification feature" of the MicroVault USB drives. "However, [its] software creators apparently did not keep the security implications in mind," commented McAfee spokesman Dave Marcus regarding the exploit-friendly rootkit. "The application could be used to hide arbitrary software, including malicious software."
Hopefully this particular problem-in-waiting will be tasked considerably quicker – and with markedly better results – than Sony’s previous brush with rootkits, which reared its ugly head in 2005 when the company’s CD-based Extended Copy Protection and MediaMax CD-3 software was installed on customer hard drives and promptly interfered with the Windows OS and opened security holes for the hacking community to exploit.
In an attempt to rectify the glitch, Sony famously released a software utility for affected users in order to remove the potentially dangerous rootkit. However, this only magnified the problem and rendered systems even more prone to possible attack. Sony eventually released another utility that did actually solve the matter, but that didn’t prevent a number of parties from suing Sony for distributing faulty music CDs – which amounted to some 50 separate titles, all of which had to be recalled.
Your Talkback on this Story