this article appeared not long ago....
==========================================
Hackers Tune In to Windows Media Player DRM
Hackers are using the newest DRM technology in Microsoft's Windows Media Player to install spyware, adware, dialers and computer viruses on unsuspecting PC users.
Security researchers have detected the appearance of two new Trojans,
Trj/WmvDownloader.A and
Trj/WmvDownloader.B, in video files circulating on P2P (peer-to-peer) networks.
According to Panda Software, both Trojans take advantage of the new Windows anti-piracy technology to trick users into downloading spyware and adware applications.
"When a user tries to play a protected Windows media file, this technology demands a valid license. If the license is not stored on the computer, the application will look for it on the Internet, so that the user can acquire it directly or buy it," Panda Software explained.
An unsuspecting user attempting to download the DRM (digital rights management) license will instead be redirected to a Web site that loads a large quantity of adware, spyware, modem dialers and other viruses, the company said in an advisory.
"It's pretty ingenious," said Patrick Hinojasa, chief technical officer at Panda Software. "To take an anti-piracy feature and use it to feed spyware is extremely ironic."
Ben Edelman, a Harvard University student who tracks and comments on the spyware scourge, also spotted the spyware-laden media files. In a research note, Edelman posted a demonstration of the exploits and warned that users with older versions of Windows will receive "confusing and misleading messages" regarding the DRM licenses.
After attempting to download the DRM, Edelman said: "On a fresh test computer, I pressed Yes once to allow the installation. My computer quickly became contaminated with the most spyware programs I have ever received in a single sitting."
"All told, the infection added 58 folders, 786 files and an incredible 11,915 registry entries to my test computer. Not one of these programs had showed me any license agreement, nor had I consented to their installation on my computer," he added.
===========================================
.....And what was Microsoft's response?
===========================================
Microsoft: No Plans to Tweak DRM Download Mechanism
Microsoft Corp. says it has no plans to change the way its Windows Media Player handles the download of DRM licenses.
Amid reports that malicious hackers are using the anti-piracy mechanism to infect computers with spyware, adware, dialers and computer viruses, Microsoft officials stressed that the latest attack scenario does not exploit a vulnerability in the software.
"Not every problem comes with an automatic technology solution. In this case, the priority is to educate users and get them to understand the importance of not downloading files from untrusted sources," said Mike Coleman, lead product manager with Microsoft's Windows division.
==============================================
And who's to say that someone won't download one of those infected videos and place them on a site you trust to download from? I hope people raise enough of a stink for MS to change their moronic mindsets...
You can read the full details at the following places:
Hackers Tune In to Windows Media Player DRM
http://www.extremetech.com/article2/0,1 ... 283,00.asp
Microsoft: No Plans to Tweak DRM Download Mechanism
http://www.eweek.com/article2/0,1759,1751259,00.asp
