Only ZoneAlarm offered protection from the Sony Rookit threat even before it was made public, starting in July 2005. Norton & OneCare did not offer protection until later (November 2005).
Sony Rootkit response timeline
| Time | Event |
| August 10, 2000 | Sony Pictures Entertainment US senior VP, Steve Heckler's keynote at Americas Conference on Information Systems (AMCIS) suggesting, "The industry will take whatever steps it needs to protect itself and protect its revenue streams." [1] |
| April 2005 | Sony BMG began shipping CDs with rootkit-style features as part of a DRM technology. [11] |
| July 21, 2005 | With the release of OSFirewall® in ZoneAlarm 6.0 (ZoneAlarm protected customers before the rootkit was even made public). |
| October 31, 2005 | Mark Russinovich posted to his blog a detailed description and technical analysis of the characteristics of the software contained on Sony BMG music CDs. [2] |
| November 9, 2005 | McAfee provides detection and partial removal of the Sony Rootkit (it doesn't remove the rootkit, only the cloaking device). |
| November 11, 2005 | Norton provides detection and removal of the Sony Rootkit. |
| November 12, 2005 | An article on Freedom To Tinker discusses the SunnComm DRM found on some Sony BMG CDs. [3] |
| November 13, 2005 | Microsoft provides detection and removal of the Sony Rootkit. |
| November 14, 2005 | Sony announces that it is pulling the rootkit CD from store shelves and offering a buy-back program. |
| November 15, 2005 | On 2005-11-15, vnunet.com announced that Sony BMG was backing out of its copy-protection software, recalling unsold CDs from all stores, and offering consumers to exchange their CDs with versions lacking the software. [4] |
| November 16, 2005 | US-CERT, part of the United States Department of Homeland Security, issued an advisory on XCP DRM. They said that XCP uses rootkit technology to hide certain files from the computer user, and that this technique is a security threat to computer users. [5] |
| November 18, 2005 | Reuters reported that music publisher Sony BMG would swap affected insecure CDs for new unprotected disks as well as unprotected MP3 files. [6] |
| November 18, 2005 | Sony BMG provided a "new and improved" removal tool to remove the rootkit component of Extended Copy Protection from affected Microsoft Windows computers. [7] |
| November 21, 2005 | Texas Attorney General, Greg Abbott, sued Sony BMG. [8] |
| December 6, 2005 | Sony-BMG said that 5.7 million of its CDs were shipped with SunnComm MediaMax that requires a new software patch to prevent a potential security breach in consumers' computers. [9] |
| May 11, 2006 | Sony BMG's website offered consumers a link to "Class Action Settlement Information Regarding XCP And Mediamax Content Protection." [10] |
RELATED NOTES...
[1-10] Wikipedia Entry about Sony Rootkit
http://en.wikipedia.org/wiki/2005_Sony_CD_copy_protection_scandal
[11] Sony: You don't reeeeaaaally want to uninstall, do you?
http://www.sysinternals.com/blog/2005/11/sony-you-dont-reeeeaaaally-want-to_09.html
..The DRM software Sony has been shipping on many CDs since April is cloaked with rootkit technology:. Sony denies that the rootkit poses a security...
ZoneAlarm date of Sony rootkit prevention:
July 21, 2005 with the release of OSFW in 6.0 [ZoneAlarm protected customers before the rootkit was even made public]
Sony Rootkit is publicly disclosed by Mark Russinovich:
Oct. 31, 2005
http://www.sysinternals.com/blog/2005/10/sony-rootkits-and-digital-rights.html
McAfee detection/partial removal:
[it doesn't remove the rootkit, only the cloaking device] Nov. 9, 2005
Norton detection/removal:
Nov. 11, 2005
Microsoft detection/removal:
Nov. 13, 2005
Sony announces it is pulling the rootkit CD from store shelves and offering a buy-back program:
Nov. 14, 2005