The flaws was discovered by British hacker Stephen Tomkinson who presented the vulnerability onNCC Blog.
The malicious disc can execute arbitrary codes automatically and also bypass the auto-run prevention mechanism in Windows.
To show his vulnerability, Tomkinson used the popular Cyberlinks PowerDVD software.
Tomkinson says that Cyberlinks PowerDVD supports Blu-ray since 2009 but has hardly updated security mechanisms since then.
As such, an execute function is available and it could be used to run a command.
source: www.techworm.net
