We reported the other day about new DRM-encumbered CDs from Sony that posed a security threat to users PCs. While Sony and SunnComm, the company responsible for the DRM, contend that the security risks were addressed with a recent patch, new reports suggest otherwise. Princeton s Ed Felton discovered that the patch itself poses a security risk, as malicious software can, in essence, booby-trap the patch as well as uninstall files, enabling the naughty code to automatically launch. Sony was quick to respond today with a new patch that supposedly fixes the problem. Let s hope that new fixes include forgetting about DRM in the first place.

Sony caught in another DRM snafu [ars technica]