Security Explorations, a research lab of AG Security Research company, conducted a security analysis of Microsoft Warbird and Protected Media Path (PMP) technologies, revealing several vulnerabilities. PMP aims to secure content, particularly PlayReady DRM, in Windows OS environments, utilizing crypto, code integrity, authentication checks, whitebox crypto, and code obfuscation. Warbird, a compiler technology, encrypts and obfuscates binaries, making reverse engineering difficult. The research uncovered deficiencies in various PMP components, allowing attackers to access plaintext content keys guarded by PlayReady, compromising content security. Exploiting vulnerabilities in Windows OS, attackers could decrypt high-definition movies protected by PlayReady. Affected streaming platforms include Canal+ Online, Netflix, HBO Max, Amazon Prime Video, and Sky Showtime. The attack scenario involves extracting plaintext content keys from Protected Media Path processes, exploiting a window during which content keys are XORed. The research identified two magic key sequences used across Windows OS versions since 2022. Despite Microsoft's invitation to disclose technical details through MSRC, Security Explorations declined, citing the need to protect intellectual property and the potential risk to future projects. Content security in the streaming industry is crucial, given the sector's $544 billion valuation. While potential mitigations include transitioning to other content protection technologies, the research underscores the vulnerability of technologies like Microsoft PlayReady. The impact of content key extraction could lead to unauthorized access to premium video content, potentially disrupting streaming services. The research serves as a wake-up call for the industry to prioritize content security in the face of evolving threats.
In the latest Data Breach Investigations Report (DBIR) by Verizon, it was revealed that breaches stemming from third-party vulnerabilities surged by 68% last year 2023, driven prim...
A significant data breach has affected an unknown number of serving UK military personnel, according to reports from the BBC. The breach targeted a payroll system used by the Minis...
A new malware targeting both Intel and ARM-based Mac computers has been discovered by cybersecurity firm Kandji. Dubbed "Cuckoo," the malware disguises itself as legitimate...