Hackers exploiting bug in DRM shipped with Windows

Microsoft said Monday that it would patch a vulnerability in third-party anti-piracy software bundled with Windows after it acknowledged that hackers are already exploiting the bug. According to the researcher who first reported the flaw, Microsoft has known of the vulnerability for at least three weeks.
In a security advisory issued late Monday, Microsoft said it would issue a fix for a vulnerability in an older edition of "secdrv.sys" -- a file also also known as Macrovision Security Driver -- that's part of the SafeDisc copy-protection scheme that Macrovision licenses to game publishers.
"The driver, secdrv.sys, is a dispatch driver developed by Macrovision and shipped on supported editions of Windows Server 2003, Windows XP, and Windows Vista," Microsoft said in the advisory. "This vulnerability does not affect Windows Vista."