Security experts at ReVuln published a report, claiming that vulnerability contained in EA Origin online store can be used to compromise its 40 million users’ systems. According to the report, the vulnerability allows remote code execution.
Origin is a platform created to spread EA computer games, including SimCity and Crysis 3 that can be downloaded from the official website of the online store. The service allows users to buy necessary update package and makes it easier for the developers to protect copyrights using Digital rights management (DRM) technology.
DRM is also used to authenticate licensed game copies. However, ReVuln experts stated that the mechanism contains vulnerability and lets hackers to remotely compromise the users’ systems and infect them with malware.
A remote attacker can create a specially crafted link, trick a victim into following that link and execute arbnitrary code on the target system with privileges of current user.
EA reps did not give any comment on the situation.
You may view the full ReVuln’s report here.
