There have been several significant developments in the Sony DRM story since my last post. The first is that, despite Sonyís and First 4 Internetís claims that their rootkit poses no security risk, several viruses have been identified in the wild that exploit the cloaking functionality provided by the rootkit. Besides F-Secure and Computer Associates, most antivirus companies were slow to label the Sony rootkit as a risk. But the discovery of viruses that use the rootkit to hide files has caused many to identify and disable the rootkit in their latest scanning signatures. My guess is that they were waiting for an actual security threat to shield them from a potential problem with Sony. For example, Microsoft initially responded cautiously when questioned about its position on Sonyís use of rootkits, but Jason Garms, a member of the Microsoft Windows Defender team (formerly Microsoft Antispyware), announced in the Windows Defender blog this weekend that Microsoft is also releasing signatures and a cleaner for the rootkit.