It’s time to update Origin, as EA’s game client could be a security risk just by having it installed
EA’s PC client, Origin, has been popular of late. The runaway success of Apex Legends and big releases like Anthem has seen players jumping in to Origin with aplomb. However, a security vulnerability could be putting users at risk.
Daley Bee and Dominik Penner of Underdog Security (via TechCrunch) have found a flaw that can let malicious actors run or install applications on the PC without users permissions, through something as innocent as a hyperlink.
As with the recent Internet Explorer flaw, this doesn’t require you to even open Origin, you just need to have it installed. This is due to the way EA uses a custom URL protocol to access the web store of individual games through a browser using the Origin:// protocol.
Related: Best Android Phones
However, it turns out that Origin can be tricked, and this could allow internet-dwelling bad guys to install programs onto an end user’s PC without them even knowing.
EA has fixed the exploit now, so, Windows users, you can fix it right now. Stop reading, go to Origin and update it. Problem solved. For those of you reading along on the Mac, congratulations, you get a pass this time. The exploit only affects Windows users.
As a demonstration, Bee showed off an exploit that shows up the Windows Calculator application, disguised as an EA sales offer, showing how easily users could be taken advantage of.
Related: Best FPS Games
Our advice is the same as always for big exploits: be careful what you click and keep all of your applications updated. This is a worrying exploit to see in the wild, and it’s unsure whether it was used to get to users, but it’s serious enough that you should definitely be updating your Origin client posthaste. Doctors orders.
Use Origin? You could get hold of us on Twitter at @TrustedReviews, or you could go and update your Origin. I’d recommend the Origin update first, honestly.