DV Hardware - bringing you the hottest news about processors, graphics cards, Intel, AMD, NVIDIA, hardware and technology!

   Home | News submit | News Archives | Reviews | Articles | Howto's | Advertise
 
DarkVision Hardware - Daily tech news
November 14, 2018 
Main Menu
Home
Info
News archives
Articles
Howto
Reviews
 

Who's Online
There are currently 180 people online.

 

Latest Reviews
Arctic BioniX F120 and F140 fans
Jaybird Freedom 2 wireless sport headphones
Ewin Racing Champion gaming chair
Zowie P-TF Rough mousepad
Zowie FK mouse
BitFenix Ronin case
Ozone Rage ST headset
Lamptron FC-10 SE fan controller
 

Follow us
RSS
 

Security flaw found in EA Origin service

Posted on Tuesday, March 19 2013 @ 13:06:20 CET by


EA logo
The Tech Report writes hackers have found a security vulnerability in EA's Origin service. Similar to flaws found in Valve's Steam and Ubisoft's Uplay software, the vulnerability enables hackers to trick users into executing malicious code. For the exploit to work, Origin has to be installed on the host machine, and users have to click a carefully crafted Internet link. Additionally, a second confirmation click may also be required depending on whether the user's system is configured to open origin:// links automatically.
Ars Technica says the exploit "works by manipulating the uniform resource identifiers EA's site uses to automatically start games on an end user's machine." The Windows and OS X clients are both affected, and the user's choice of Internet browser doesn't seem to matter. Requiring confirmation before opening Origin links appears to be the only way to keep your system safe at the moment.

I don't want to make excuses for EA, especially given its handling of the disastrous SimCity launch, but Origin isn't the first service to suffer such a security hole. In October, a similar flaw was exposed in Valve's Steam client. That flaw was patched quickly, according to ValveTime, and we haven't heard a peep about it since. This past summer, a security flaw was also discovered in Ubisoft's Uplay software. The software installed a browser plug-in containing a backdoor that allowed remote code execution. Ubisoft patched that vulnerability within a day.




 



 

DV Hardware - Privacy statement
All logos and trademarks are property of their respective owner.
The comments are property of their posters, all the rest © 2002-2018 DM Media Group bvba