Download CryptoTab App FREE - CryptoTab is a free app for iOS and Android that pays you to browse the websites you normally would on your phone or your computer! Start earning your first Bitcoin today!

Origin exploit uses hyperlinks to run malicious code remotely

Posted by c280668993 on March 19th, 2013

Security research firm ReVuln has discovered a fairly simple way (in theory, at least) ESO cdkey for unscrupulous folks and their hacking machines to execute malicious code on your computer, by way of EA's Origin platform.

The exploit takes advantage of Origin's uniform resource identifier -- the protocol through which hyperlinks and shortcuts launch Origin itself and execute commands. Typically, a URI is clicked on by the user, either in the form of a link in a web browser or as a shortcut on a desktop, at which point the URI launches Origin and tells it what game to load, and how.

As it happens, certain Origin-exclusive games are vulnerable to having their execution commands subverted by precisely formatted URIs. As seen in the graph above, this can be used by bad dudes to piggyback instructions onto the URI, which can instruct Origin to load and run malicious software, rather than Crysis 3.

Avoiding this exploit is thankfully simple, however: Open Origin first, and launch games from there. The exploitative instructions are contained within the URI hyperlink -- take that out of the equation, and you should be fine.

"Our team is constantly investigating hypotheticals like this one as we continually update our security infrastructure, " an EA representative told us. Uniform resource identifiers aren't unique to Origin, of course, and are widely used in everything from iTunes to Steam, the latter of which has an extremely similar vulnerability [PDF] that was discovered by ReVuln last year.
source: joystiq

Welcome to buy Guild Wars 2 Gold TESO time card at 3zoom. com, Cheap Price ESO time card and Fast Delievry of Guild Wars 2 Gold for you!

Also See: Wars 2, Uniform Resource, Guild Wars, 2 Gold, Origin, Uri, Malicious

Audio Video Wholesaler
Your Direct Source For Multimedia Products, Audio, Music, Video Courses Products at Wholesale Prices
CryptoTab Browser - Easy way for Bitcoin Mining | CryptoTab Browser
CryptoTab Browser is the world's first web browser with built-in mining features. Familiar Chrome user interface is perfectly combined with extremely fast mining speed. Mine and browse at the same time!

Quality Office Furniture USA Shipped Direct - Madison Liquidators
Nationwide vendor of quality office furnishings including Desks, Office Chairs, Conference Tables, Cubicles and more!

Lolli: Earn Free Bitcoin When You Shop Online!
Lolli is a rewards application that gives you bitcoin for shopping at your favorite online stores.

Advertise Here