Sony’s Confirms Dodgy USB Sticks September 5, 2007

Read more Gizmodo UK , PC , Peripherals , Software , Storage

Sony is back on the rack this week after admitting that there’s a security flaw in some of its USB sticks that could leave your PC open to attack from undesirable folk.

The vulnerability was discovered by F-Secure and confirmed by McAfee, and relates to three of Sony’s MicroVault USB sticks with fingerprint readers. The flaw resides in the bundled software – written by a third-party, Sony was quick to point out - which creates a hidden directory on the PC that could not be detected by the user or anti-virus software scanners. A Sony spokesperson said:

“While the software at the issue was developed by a third-party vendor in conjunction with our outsourced device manufacturer, as a precaution and to alleviate any potential concerns, we will be issuing a downloadable software to address the situation by mid-September.”

F-Secure said Sony’s DRM-infected CD fiasco of 2005 was somewhat similar since the XCP software then also created an exploitable security hole.-Martin Lynch

sony security USB