ATTENTION: You are viewing a page formatted for mobile devices; to view the full web page, click HERE.

Main Area and Open Discussion > DC Gamer Club

Update Origin Now


If you have Origin (EA's launcher/store) installed, update it now.   As in quit reading this and go update it.

Then you can read the long story here:


But strangely, a recent bug with its Origin game client might be one of the company’s most serious issues yet.

That’s because due to a security flaw in the Windows version of Origin, it was possible for hackers to essentially run or install any application on a user’s computer through something as innocuous as a hyperlink.

Discovered by Daley Bee and Dominik Penner of Underdog Security (via TechCrunch), the source of the flaw came from EA’s use of a custom URL protocol that allowed gamers to access a game’s web store from a browser instead of using the Origin client. Unfortunately, because those “origin://” links could also be tricked into launching malicious software, it essentially gave hackers free rein to install almost any program onto an end user’s machine.

According to Bee, by combining a malicious code with a cross-site scripting exploit, malware could be sent and automatically installed on vulnerable systems simply by clicking a link. And to prove the existence of the flaw, the team at Underdog security even created a demo exploit that opened up the Windows Calculator app instead of a link in Origin that appeared to be an EA sales offer.

--- End quote ---


[0] Message Index

Go to full version