Alpha-DVD Developer Denies Rootkit Presence
Settec Inc,,Alpha-DVD copy protection developer, denies the presence of rootkits on two popular german DVD titles: Mr. & Mrs Smith, and Edison. Security firm F-Secure who also uncovered the presence of rootkits in Sony BMG's audio CDs, and German web site Heise online have confirmed the presence of this rootkit.
Both sites claim the rootkit discovered only on German DVDs is generated by Alpha-DVD, a copy protection mechanism that needs to be installed unto a Windows PC in order to read the two German video-DVDs.
The main purpose of the Alpha-DVD copy protection is to block all attempts to launch DVD burning and copying applications as long as the original DVD-Video is present in the computer's drive. However, Heise claims it has found that Alpha-DVD also manages to affect the operation of CD/DVD burning applications with some DVD writers, regardless of whether the copy-protected disc is present or not.
According to Heise, Alpha-DVD installs three files to system32 directory and loads into memory. The copy protection hides from the Task Manager by injecting a library into all running user level processes.
There is no simple way for Windows users to know whether Alpha-DVD is installed on their machines.This library can easily be misused by third-party software for malicious purposes it creates security risk for Windows PC users.
Settec Inc., a Korean company spun off from electronics giant LG and developper of Alpha-DVD says that its company?s technology "does not fall into the category of rootkit-related technology since it does not adhere to the definition of Antispyware Coalition. Currently, we acknowledge the fact that the definition of rootkit is debatable, since each professional anti-piracy software institute has somewhat different opinions regarding it."says Settec in its official statement released to respond to the rootkit announcement.
"However, in light of the issues brought up by Heise, we have readied an update to address the concerns raised in the article. We are waiting for our client's review before releasing the update patch. This upcoming patch should eliminate those potentially debatable elements in our software, which would eliminate the potential security weakness.", continues the statement.
The indentity of the "client" who will submit the review and the release date of the patch have not been confirmed yet by Settec Inc.
Alpha-DVD can be uninstalled at the following link. To read the entire article on the rootkit presence and how it was discovered go to HEISE online.
The main purpose of the Alpha-DVD copy protection is to block all attempts to launch DVD burning and copying applications as long as the original DVD-Video is present in the computer's drive. However, Heise claims it has found that Alpha-DVD also manages to affect the operation of CD/DVD burning applications with some DVD writers, regardless of whether the copy-protected disc is present or not.
According to Heise, Alpha-DVD installs three files to system32 directory and loads into memory. The copy protection hides from the Task Manager by injecting a library into all running user level processes.
There is no simple way for Windows users to know whether Alpha-DVD is installed on their machines.This library can easily be misused by third-party software for malicious purposes it creates security risk for Windows PC users.
Settec Inc., a Korean company spun off from electronics giant LG and developper of Alpha-DVD says that its company?s technology "does not fall into the category of rootkit-related technology since it does not adhere to the definition of Antispyware Coalition. Currently, we acknowledge the fact that the definition of rootkit is debatable, since each professional anti-piracy software institute has somewhat different opinions regarding it."says Settec in its official statement released to respond to the rootkit announcement.
"However, in light of the issues brought up by Heise, we have readied an update to address the concerns raised in the article. We are waiting for our client's review before releasing the update patch. This upcoming patch should eliminate those potentially debatable elements in our software, which would eliminate the potential security weakness.", continues the statement.
The indentity of the "client" who will submit the review and the release date of the patch have not been confirmed yet by Settec Inc.
Alpha-DVD can be uninstalled at the following link. To read the entire article on the rootkit presence and how it was discovered go to HEISE online.