Redazione RHC : 6 August 2025 07:31
With so many options for streaming video online, content protection continues to be a key concern for copyright holders. This is often achieved through digital rights management (DRM) anti-piracy tools, which govern where and when digital content can be accessed.
PlayReady DRM is a major player in the industry. Microsoft’s proprietary technology is used by many major streaming services, including Disney+, Netflix, Prime Video, and others. Therefore, keeping it secure is crucial.
A few weeks ago, an account called “Widevineleak” published a list of SL2000 and SL3000 certificates on GitHub. The SL2000 variant is commonly known as software DRM, while the SL3000 variant offers more advanced hardware security.
The SL3000 certificate leak is particularly problematic because SL3000 is designed to protect the highest-quality content, including 4K and UHD versions. With these certificates, pirates could potentially decrypt and redistribute high-resolution video streams, effectively bypassing protections.
The original source of the leak is unknown. However, the prospect of mass piracy is clearly problematic for rights holders, streaming platforms, and PlayReady itself, which relies on trust and security. It’s therefore not surprising that Microsoft took immediate action.
Microsoft’s response included a takedown notice sent to its subsidiary, GitHub, requesting that it remove the leaked SL3000 certificates. This confirms that the leaked information was authentic and at risk of exploitation. “The hosted materials are part of our PlayReady product and allow malicious actors to pirate PlayReady-protected content,” the notice reads, adding that “the entire repository is infringing” and should therefore be removed entirely.
GitHub has complied with the takedown notice and removed the content in question, as well as two forks of the repository. Visitors viewing the link today will instead see a takedown notice.
Curiously, the leaked SL2000 certificates were not mentioned in the takedown notice and are still online as of this writing. While the focus was on the higher-security SL3000 certificates, the omission raises questions about Microsoft’s broader strategy for addressing such leaks at different security levels.