Origin Mimics Steam Security Flaw


Every time I publish a new article about Electronic Arts, a part of me dies a little. This week (more like this hour), it’s about EA’s direct-download client, Origin, and the massive vulnerability that puts more than 40 million users at risk of third-party exploitation.


Participants in a Black Hat event last Friday in Amsterdam recognized and demonstrated the exploit by installing malicious software on vulnerable computers. “The Origin platform allows malicious users to exploit local vulnerabilities or features by abusing the Origin URI handling mechanism,” ReVuln researchers Donato Ferrante and Luigi Auriemma detailed during the event. In layman’s terms, a user accesses a URI in-game, and Origin’s overlay is tricked into treating it as a friendly install link. Unfortunately, instead of downloading Battlefield 3, you’re left with Battlefield: Kill Your GPU.

By modifying the variables in the underlying URI links, the commands to start a game can be replaced with instructions that cause a computer to install a malicious program instead. The technique works against people who have installed Crysis 3 and a variety of other games. Other techniques work against machines with different titles installed.
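A handler-side check for the kind of link abuse described above, as an added example that is not from the article, ReVuln or EA: it accepts a launch link only when every component matches an allowlist, and it builds the process arguments itself instead of forwarding text from the link. The `launcher://` scheme, its layout, the `lang` parameter and the sample catalog are all hypothetical.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Hypothetical link layout (an assumption, not Origin's real format):
#   launcher://launch/<numeric game id>?lang=<locale>
SCHEME, ACTION = "launcher", "launch"
GAME_ID = re.compile(r"[0-9]{1,10}")
# Every accepted parameter maps to one fixed flag and a strict value pattern.
ALLOWED_PARAMS = {"lang": ("--lang", re.compile(r"[a-z]{2}(_[A-Z]{2})?"))}
# Constructed sample catalog: installed game id -> executable path.
CATALOG = {"1001": r"C:\Games\Example\game.exe"}


class RejectedURI(ValueError):
    """Raised when a link is not an exact match for the expected layout."""


def build_argv(uri, catalog=CATALOG):
    """Turn a launch link into an argv list, or raise RejectedURI."""
    try:
        parts = urlsplit(uri)
    except ValueError as exc:  # malformed authority, e.g. unbalanced brackets
        raise RejectedURI("unparseable link") from exc
    if parts.scheme != SCHEME or parts.netloc != ACTION or parts.fragment:
        raise RejectedURI("unexpected scheme, action or fragment")
    game_id = parts.path[1:] if parts.path.startswith("/") else ""
    if not GAME_ID.fullmatch(game_id) or game_id not in catalog:
        raise RejectedURI("unknown game id")
    argv, seen = [catalog[game_id]], set()
    # keep_blank_values so a bare key is seen and rejected, not silently dropped
    for key, value in parse_qsl(parts.query, keep_blank_values=True):
        if key not in ALLOWED_PARAMS or key in seen:
            raise RejectedURI(f"parameter not allowed: {key!r}")
        flag, pattern = ALLOWED_PARAMS[key]
        if not pattern.fullmatch(value):
            raise RejectedURI(f"bad value for {key!r}")
        seen.add(key)
        argv += [flag, value]
    # argv is a list for subprocess-style launching: no shell, no string splicing
    return argv


def is_accepted(uri):
    """True when the link passes every check in build_argv."""
    try:
        build_argv(uri)
        return True
    except RejectedURI:
        return False
```
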

The exploit is exceptionally similar to one that affected Steam late last year. As far as I can tell, Steam has yet to patch this problem in their architecture. This indicates either that the exploit is too gosh darn complicated to fix (doubtful), or that the security risk is a necessary gamble, and both companies consider the benefits of the URI system to outweigh the concerns (exceptionally more probable, if not slightly disappointing).

Poor EA is increasingly the subject of media attention lately, and stock reports indicate a slowly sinking venture. I’m not saying you should abandon ship–I’m not even saying that EA won’t be able to recover from Q1 2013–but what I am saying is that there’s definitely room for another free game in my Origin library, EA.

Just kidding. Mostly. 


Author
HC Billings
HC Billings is an excellent gamer, acceptable writer, and laughable parkourist.