Macrovision released an updated driver that fixes a serious problem with the company's digital rights management technology. The vulnerability, which affects Windows XP and Windows Server 2003 systems, could allow a local user to gain elevated privileges.
Symantec first reported the issue nearly a month ago, however both Microsoft and Macrovision remained mum about the matter until this week. Exploits are circulating in the wild although the risk level is still minimal at this time.
People can download a new version of the affected driver (secdrv.sys) at Macrovision's site or disable the driver by editing the Windows registry. Details of how to disable the driver are available in the "workarounds" section of Microsoft's related advisory, "Vulnerability in Macrovision SECDRV.SYS Driver on Windows Could Allow Elevation of Privilege."