Microsoft PlayReady Complete Client Identity Compromise
Posted on 09 May 2024
The Security Explorations team has come up with two attack scenarios that make it possible to extract private ECC keys used by a PlayReady client (Windows SW DRM scenario) for the communication with a license server and identity purposes. Proof of concept included.