DV Hardware - bringing you the hottest news about processors, graphics cards, Intel, AMD, NVIDIA, hardware and technology!
   Home | News submit | News Archives | Reviews | Articles | Howto's | Advertise
DarkVision Hardware - Daily tech news
May 20, 2019 
Main Menu
News archives

Who's Online
There are currently 56 people online.


Latest Reviews
Ewin Racing Flash gaming chair
Arctic BioniX F120 and F140 fans
Jaybird Freedom 2 wireless sport headphones
Ewin Racing Champion gaming chair
Zowie P-TF Rough mousepad
Zowie FK mouse
BitFenix Ronin case
Ozone Rage ST headset

Follow us

Security flaw found in EA Origin service

Posted on Tuesday, March 19 2013 @ 13:06:20 CET by

EA logo
The Tech Report writes hackers have found a security vulnerability in EA's Origin service. Similar to flaws found in Valve's Steam and Ubisoft's Uplay software, the vulnerability enables hackers to trick users into executing malicious code. For the exploit to work, Origin has to be installed on the host machine, and users have to click a carefully crafted Internet link. Additionally, a second confirmation click may also be required depending on whether the user's system is configured to open origin:// links automatically.
Ars Technica says the exploit "works by manipulating the uniform resource identifiers EA's site uses to automatically start games on an end user's machine." The Windows and OS X clients are both affected, and the user's choice of Internet browser doesn't seem to matter. Requiring confirmation before opening Origin links appears to be the only way to keep your system safe at the moment.

I don't want to make excuses for EA, especially given its handling of the disastrous SimCity launch, but Origin isn't the first service to suffer such a security hole. In October, a similar flaw was exposed in Valve's Steam client. That flaw was patched quickly, according to ValveTime, and we haven't heard a peep about it since. This past summer, a security flaw was also discovered in Ubisoft's Uplay software. The software installed a browser plug-in containing a backdoor that allowed remote code execution. Ubisoft patched that vulnerability within a day.



DV Hardware - Privacy statement
All logos and trademarks are property of their respective owner.
The comments are property of their posters, all the rest © 2002-2019 DM Media Group bvba