November 15, 2005

While Sony has agreed to cease the manufacture of discs that include their XCP copy protection software, which was found to break basic security protocols in order to hide itself from detection, as a hacker's rootkit would, Sony has not addressed the second of two sets of copy protection included on some Sony-BMG music CDs. MediaMax, from a company called SunnComm, behaves in a fashion similar to XCP, though without the obvious security vulnerability: it installs software without permission, it does not remove destructive components even when asked to do so, and it lies about what it is doing in the end-user license agreement. One of its features is to prevent you from making MP3s from any Sony-BMG audio CD with this "protection". Another is to communicate a serial number back to SunnComm every time you try to play one of these discs. Once again, it falls squarely in the realm of spyware.

Ed Felten has the details.

While there is a version of SunnComm's software that could infect a Macintosh computer, it can't do so unless the user explicitly runs the installer. Windows users with "autorun" turned on (which is on by default) will have their computers infected as soon as the disc is put in the CD-ROM drive.