If you click on a link and make a purchase we may receive a small commission. Read our editorial policy.

Origin update fixes major vulnerability

EA rolled out a new update for Origin earlier this week to plug a security breach.

Origin, like many popular apps, uses a unique URL (origin://) to allow web pages to open corresponding content in the client itself. This is used to direct users to game store pages and so on, so long as they have the Origin Windows client installed.

Unfortunately, EA's implementation contained a flaw that would allow hackers to fool Origin intro running malicious code. All the victim needs to do is click an Origin link.

This flaw was brought to light by researches Daley Bee, and Dominik Penner, who provided TechCrunch with a proof-of-concept code. According to the site, the code could also be used to launch Windows PowerShell, which is often used to install ransomware.

The good news is that EA fixed the issue in a hotfix released on Monday, so make sure your Origin client is updated.

This is actually Origin's second security snafu in recent memory. In November last year, EA fixed a bug that allowed hackers access to users' account settings.

About the Author

Sherif Saed avatar

Sherif Saed

Staff Writer

Whether it's news, reviews, or interviews - Sherif is always eager to tell you about video games. He plays shooters more than a sane person should, and occasionally has the skills to show for it.

Support VG247

You give us money, we give you an ad-free reading experience, merch discounts, a newsletter every month, and elite status amongst your friends.

See more information

More News

Latest Articles

VG247 logo

Buy our t-shirts, yeah

They're far more stylish than your average video game website tat.

VG247 Merch