It has been found that Sony has deliberately rigged a number of audio CDs so that if you play them on your computer a "root kit" and a number of "hidden" files are installed that hide portions of your own registry from you, change significant computer operating characteristics, and cannot be removed by most users. The method that Sony used to hide the registry entries has been shown to be capable of being exploited by others to install malware on your computer, which presumedly would be just as difficult to remove as the Sony program.

The only description thus far of what CDs may be affected is "Sony's latest batch of CDs from Switchfoot, Van Zant and others".


When Vendors Install Malware is an editorial comment by Larry Seltzer at eWeek that gives a general description of what Sony has done, in fairly non-technical terms.

Sony to Help Remove Its DRM Rootkit by Nate Mook, also at eWeek, summarizes a BetaNews report, and probably gives as much info as most will want. It includes a link to the full BetaNews article.

An "update" has been released that doesn't hide all of the crud that Sony installs, but expert opinion is that it does NOT make it removable. Attempting to remove it probably will disable your CD drive. It apparently only "makes visible to you" the vulnerability that can be exploited by other malware, but does nothing to remove it.

In order to get "Sony Help" to remove their crud, you must provide the specific identification for the CD you got it from (will you know which one it was?) AND authorize them to send you release information for the performer(s) on the CD (and presumably anything else they choose to use in the name of advertising).

John