About this download
Recently, a security vulnerability has been found within a limited number of our products.
This is the first time we have been made aware of this security issue, and to date we have not received reports of any customers being affected by this issue.
However we take all security issues very seriously and are therefore outlining how users can address this with the update below.
What is the issue?
A security vulnerability has been found that exists in some versions of an ActiveX control for Gracenote CDDB lookup used in certain Sony software products listed below. This issue is not present in all versions of our standard software and is only present in the certain versions of our current software. This "buffer overflow" vulnerability could allow an attacker to load malicious code onto a user's system and then execute the code.
This issue only affects Sony software products listed below. Other Sony software products that utilize Gracenote's CDDB features use other software and do not contain this security issue.
- Sony CONNECT Player
- Sony SonicStage Ver. Ver.3.3/3.4
- Sony SonicStage Mastering Studio Ver.2.1.00/2.2.01
How to update ?
The installer is named GracenoteUpdateForSony.exe and is 2.9MB in size.
If your browser offers a RUN or OPEN option you may select it when you click the download link, otherwise please take note of the download location on your computer, for example C:/Download.
Once the download has completed, please run the installer to start the update of your Sony software.
When the installer has finished, it will prompt to restart your computer. Please click the Finish button. Your computer will reboot and the update process will be complete.