Biggest security hole found in EA Origin gaming client


The Origin Arts PC gaming platform Origin has a security vulnerability that allows hackers to trick service users into opening and running malicious software on their systems.

EA's response to the popular Steam and Epic windows is used to launch the publisher's own game titles, such as Apex Legends and Anthem, but researchers at Underdog Security found a breach in the client's Windows version – installed by tens of millions of players.

As reported by TechCrunch, it was possible to fool the desktop application into running any program on the user's computer by clicking a custom link, which in turn would allow hackers to execute certain commands on their system and download malicious programs such as malware.

Also, the link does not even need to be explicitly clicked on for the Origin client to execute, with the ability for a script to open the problematic link when a user visits another unrelated page.

Fortunately, EA has released a patch that successfully addresses the exploit on Monday, but service users are advised to check to see if they are running the latest version. Mac users can breathe easily, since the vulnerability never affected this version of the client.


Source link