Antivirus firms are considering protecting their customers from the digital rights management software used by Sony on some CDs.
Kaspersky Labs has classed Sony's DRM software as spyware because, among other things, it can cause crashes and loss of data and it can compromise system integrity and security.
Explaining its decision, Kaspersky said it used the definition of spyware provided by the Anti-Spyware Coalition. Sophos is similarly scathing of Sony and is calling the software "ineptware".
The issue reaches much further than the individual PCs of those users who buy particular Sony CDs, say the antivirus companies. The DRM software uses what is known as a rootkit, which means that it is invisible to the operating system, to most anti-virus and security software and to IT departments trying to cope with security on user's desktop and notebook PCs.
Furthermore, say the antivirus companies, the software can be exploited by hackers and viruses and used to cloak any file from the operating system.
"The Sony rootkit can be used to hide any files from the operating system, so we think the way that Sony has implemented this is somewhat flawed," said Graham Cluley, senior technology consultant at Sophos. "The danger is that other malware may come along which exploits the Sony rootkit."
Due to what Cluley said is a lack of malicious intent on Sony's part, Sophos is not defining the rootkit itself as malware, preferring instead to refer to it as ineptware.
"We don't really believe this is malware and so we don't currently detect it," said Cluley. However, he said detection for rootkits like that used by Sony will be built into Sophos Antivirus version 6, due out in 2006. "This is potentially unwanted...
For more, click here...