Sony to issue patch for 'rootkit' USB drives


September 5, 2007

Following security concerns about Sony’s Micro Vault USB thumb drives, the company plans to issue a patch which will remove software installed by the device.

Security firm F-Secure found that the Sony MicroVault USM-F fingerprint reader software, which comes with the USB thumb drives, installs a hidden directory under Windows.

The directory is designed to protect the drive’s fingerprint authentication feature, but it could also hide malware which might then go undetected by some antivirus scanners.

Sony attributes the problem to code supplied by a third-party developer from China. It has now discontinued production of three of the devices due to a drop in sales.

The three discontinued models are the USM-128C, USM-256F and USM-512FL, all of which have embedded fingerprint reader.

The patch could be available by mid-September.






 

Comments are closed.

Visited 554 times, 1 so far today