write ActiveX programs (controls) for Windows that need to be downloaded by Internet Explorer (or any sub-fraction thereof).

•Read about the author/company who holds the Author Key•Read uncensored comments by users that have also downloaded ActiveX Controls from this author•View a 'partisan' review and recommendation that is identified as coming from Microsoft•Read a disclosure of how the author/company has financial ties with Microsoft•Lastly, decide to download the User Key for this specific Control.

said by dave:

---

I agree, but how else are you going to do it?

---

>> But why can't I just cripple IE instead? I typically rename IEXPLORE.EXE, which might be enough in some circumstances, but there's nothing to prevent further dismantling. And of course disallowing Windows Explorer's Internet rights in my personal firewall software.

So do I correctly gather that if you stay away from MS DRM, use alternate players, and use any browser except Internet Explorer, then WMV files are fairly safe?

quote:

---

FWIW we're currently looking at another source of parasite-poisoned DRM'd media files that *does* seem to point to a IE security hole exploit (CoolWebSearch, again).

---

>> In retrospect, it all looks like a high-tech game of "telephone."

said by suzi:

---

I ended up with 11 desktop shortcuts for everything from "Get This Weeks Deals from Dell" to ...

---

Overpeer, a subsidiary of Loudeye, has been caught hiding adware and spyware within Windows Media files. [emphasis in original]

According to PCWorld and TechDirt, Windows DRM contains a flaw that allows for attakcers [sic] to create music files that contain trojans that attack your computer when you play them. [emphasis added]

said by edbott :

As I've said since Day One, I believe that this is a security flaw and that Microsoft needs to issue a patch to Windows Media Player 9 and release it as a Critical Update. That's a far cry from an "attempt to minimize and pooh-pooh the risk or to subtly suggest that users are the problem for not upgrading to XP SP2 and for clicking through installation prompts."

said by Ed Bott:

---

The programs in question are digitally signed and are from known companies. The terms of service make it clear what you're getting. It takes one click and 10 seconds of reading to realize that the correct answer is no.

---

said by Ed Bott:

---

But really, isn't that the real problem here? People running old operating systems, with only a dim awareness of the need to do updates and a willingness to install anything? ... But how likely is it that the type of user Suzi is describing will download and install that patch?

---

said by Microsoft:

---

Security Upgrade
Owners of secure content may also require you to upgrade some of the DRM components on your computer before accessing their content. When you attempt to play such content, Windows Media Player will notify you that a DRM Upgrade is required and then ask for your consent before the DRM Upgrade is downloaded (third party playback software may do the same). If you decline the upgrade, you will not be able to access content that requires the DRM Upgrade; however, you will still be able to access unprotected content and secure content that does not require the upgrade. If you accept the upgrade, Windows Media Player will connect to an Internet site operated by Microsoft and will send a unique identifier along with a Windows Media Player security file. This unique identifier does not contain any personal identifiable information. Microsoft will then replace the security file with a customized version of the file that contains your unique identifier. This increases the level of protection provided by DRM.

---

said by SpiderSearch.com:

---

By downloading our Free Porn Software you agree to receive ads of adult nature.

---

said by iDownload.com/iSearch.com:

---

2. Functionality - Software delivers advertising and various information and promotional messages to your computer screen while you view Internet web pages. iSearch is able to provide you with Software free of charge as a result of your agreement to download and use Software, and accept the advertising and promotional messages it delivers.

By installing the Software, you understand and agree that the Software may, without any further prior notice to you, automatically perform the following: display advertisements of advertisers who pay a fee to iSearch and/or it's partners, in the form of pop-up ads, pop-under ads, interstitials ads and various other ad formats, display links to and advertisements of related websites based on the information you view and the websites you visit; store non-personally identifiable statistics of the websites you have visited; redirect certain URLs including your browser default 404-error page to or through the Software; provide advertisements, links or information in response to search terms you use at third-party websites; provide search functionality or capabilities; automatically update the Software and install added features or functionality or additional software, including search clients and toolbars, conveniently without your input or interaction; install desktop icons and installation files; install software from iSearch affiliates; and install Third Party Software.

In addition, you further understand and agree, by installing the Software, that iSearch and/or the Software may, without any further prior notice to you, remove, disable or render inoperative other adware programs resident on your computer, which, in turn, may disable or render inoperative, other software resident on your computer, including software bundled with such adware, or have other adverse impacts on your computer.

---

said by Suzi:

---

I installed the same WMA file on an old Win ME box with no protection except AVG free and the free version of Zone Alarm. I ended up with 11 desktop shortcuts for everything from "Get This Weeks Deals from Dell" to "Get Sex Toys Direct", "Hot Facial xxx Shots", and so on. Not to mention all the other crapware. None of them had EULA's except for the GAIN dash bar. That machine was infected faster than you could take a couple of deep breaths.

It took me nearly 2 hours to clean it up and I know what I'm doing. Image the "normal" user who doesn't have a clue. The computer becomes essentially useless until it's cleaned up.

---

WMP "Security Upgrade"

"License Acquisition"

"Ultra Web Host LLC"

"Required Media Player Version 9 Browser Update"