Blu-ray exploit makes PowerDVD even more bloated

Exploit can run automatically

Blu-ray disks are harbouring two dangerous exploits that would allow an attacker to potentially launch executables remotely using a disk drive.

First reported by The Register, hacker Stephen Tomkinson found two separate vulnerabilities in Blu-ray disks involve the infamous piece of bloatware CyberLink PowerDVD and a rooting process that utilises an external USB.

The first one takes advantage of a dodgy Java code implementation in PowerDVD. The PC program uses Java to play DVDs and create menus, and the unique way in which the code is used allows it to be exploited. The end result are executable files that can be easily put onto Blu-ray disks and then run automatically from the disk drive even though Windows usually prevents this from happening.

Never use untrusted Blu-rays

The second exploit uses elements of hacker Malcolm Stagg's Blu-ray rooting process, which take advantage of debug code to launch from an external USB. Using this process, a Java Xlet to replay a TCP stream to the "net inf" daemon and this enables the Blu-ray disk exploit to take place.

Attackers must know the DVD player model in order to carry out an attack on their chosen target and Tomkinson is advising users not to play Blu-rays from untrusted origins. Users should also prevent disks from auto-playing or accessing the internet at any time.

Via: The Register