has details from a demonstration at the Black Hat Europe 2013
conference showing a remote code execution vulnerability in the client software for EA's Origin
on both Windows and OS X machines. Similar to a problem identified last year
on Valve's Steam
, this involves using a malformed URL to trick clients into executing unauthorized code, and the researches took over a remote computer by exploiting this behavior. They have a follow-up comment on this from EA saying: "Our team is constantly investigating hypotheticals like this one as we continually update our security infrastructure."