A pair of vulnerabilities has been discovered in the hardware and software used for playing Blu-ray discs, by Stephen Tomkinson of NCC Group, a U.K. based security consultancy. Stephen succeeded in highlighting the same with the help of a self-engineered Blue-ray disc, which helped him in identifying the type of player the disc is running.
Presenting the research at the Securi-Tay conference at Abertay University in Scotland, Stephen came out with two exploits – both the hardware and the software of Blu-ray disc was capable of installing malware on a computer. The first problem has been detected in PowerDVD- an application made by Taiwanese company CyberLink for playing DVDs on Windows based PC. This application is often shipped preinstalled on computers from all major brands including HP, Dell, Acer, Lenovo, Toshiba and ASUS.
Blu-ray discs use a variation of Java called ‘Blu-ray Disc Java’, which further helps the device in offering rich content like dynamic menus and embedded games. To offer enriched user interface, Blu-ray Disc Java makes the use of ‘xlets’ or small applications, which are usually prohibited from accessing computer’s operating system and file system for security reasons. But, as per Stephen, Xlet was able to access Sandbox, a security mechanism used for separating running programs, and launch malicious executable codes, which is indeed the first flaw found in PowerDVD.
The second vulnerability has been found in the Blue-ray player disc hardware. To find the vulnerability in Blu-ray player’s hardware, Stephen used an exploit written by Malcomm Stagg to get root access on a Blu-ray player. Once Stephen got the root access on a device, he tricked the system into running a command that could install malware. He even found it was possible to write an Xlet that misled a small client application called ‘ipcc’ running within the local host into launching a malicious file from Blu-ray disc.
Security flaws take time to get fixed; users cannot afford to compromise their security in the meantime. So, here are some defensive precautions shared by Stephen that can help you prevent malware invasion on your PC:
- Avoid using Blu-ray discs that come from unknown sources.
- Prevent Discs from running automatically.
- Turn off the capability allowing Blu-ray players to connect to the Internet or block it from connecting to a network.
Notably, malicious media has been used frequently in the past to attack specific targets. In the last month itself, Kaspersky Lab wrote about the Equation group, a highly advanced group of attackers suspected to be from the NASA, of using CD-ROM. Here, the CD contained two zero-day exploits and a rarely known malware which was nicknamed Doublefantasy.
There are many ways of infecting computer and this Blu-ray disc vulnerability is one of them. To ensure your PC is free from malicious objects and safeguarded from online threats, install the best security software. Internet borne threats are looking out for slightest miss to infect your PC. So, act before it gets too late.