Gaming platform contains a vulnerability that allows remote code execution on systems of millions of users.
Vulnerability in the gaming online store EA Origin threatening compromise of its 40 million users on systems that attackers can remotely execute code. This in his report the researchers report in the company ReVuln.
Origin is a platform for the dissemination of computer games company EA, including SimCity and Crysis 3, you can download it on the official web-site on-line store. This service allows users to purchase they need updating, and simplifies the developers to copyright protection company with technology Digital rights management (DRM).
Among other things, DRM is used to authenticate licensed copies of games. However, as noted in ReVuln, authorization mechanism contains a vulnerability that allows hackers to remotely compromise their system and, consequently, infect them with malware.
The researchers also noted that the corresponding error occurs when processing a URI, and the cracking process is to create a malicious link, which should move the alleged victim.
In the EA, in turn, does not comment on the situation. At the same time, immediately after a recent speech at a conference of researchers ReVuln Black Hat Security Conference game company CEO John Riccitiello left office.