Sony Uninstaller Prone to Exploit 2

After the XCP DRM and the exploitable uninstaller, another DRM was discovered which is said to be a spyware from SUNNCOMM. Sony, again, released an uninstaller for the said program. Unfortunately, there are reports that the second uninstaller has exploits in it.

Begin start quote

“It turns out that the web-based uninstaller SunnComm provides opens up a major security hole very similar to the one created by the web-based uninstaller for Sony”s other DRM, XCP, that we announced a few days ago.”

End quote


The report stated that the new security flaw is different with the first one reported.

Begin quote

“To be clear, the SunnComm security flaw does not apply to the software that ships on CDs, but only to the uninstaller that SunnComm distributes separately for removing the CD software. So if you haven”t used the uninstaller, you”re not vulnerable to this flaw and you don”t need to do anything.”

End quote


The CLSID for the second ActiveX is {1F1EB85B-0FE9-401D-BC53-10803CF880A7}. We can use the workaround suggested in the related blog “Sony’s uninstaller is prone to exploit!!!”.

Here’s the complete story about the spyware:
Sony Shipping Spyware from SunnComm, Too

and for the controversial uninstaller:
Not Again! Uninstaller for Other Sony DRM Also Opens Huge Security Hole

Whew! Sony sure have a hard time these past days. :)