If you click on a link and make a purchase we may receive a small commission. Read our editorial policy.

Origin update fixes major vulnerability

EA rolled out a new update for Origin earlier this week to plug a security breach.

Origin, like many popular apps, uses a unique URL (origin://) to allow web pages to open corresponding content in the client itself. This is used to direct users to game store pages and so on, so long as they have the Origin Windows client installed.

Unfortunately, EA's implementation contained a flaw that would allow hackers to fool Origin intro running malicious code. All the victim needs to do is click an Origin link.

This flaw was brought to light by researches Daley Bee, and Dominik Penner, who provided TechCrunch with a proof-of-concept code. According to the site, the code could also be used to launch Windows PowerShell, which is often used to install ransomware.

The good news is that EA fixed the issue in a hotfix released on Monday, so make sure your Origin client is updated.

This is actually Origin's second security snafu in recent memory. In November last year, EA fixed a bug that allowed hackers access to users' account settings.

You're not signed in!

Create your ReedPop ID & unlock community features and much, much more!

Create account
Tagged With
About the Author
Sherif Saed avatar

Sherif Saed

Staff Writer

Sherif is VG247’s resident shooter and Souls-likes person. Whether it’s news, reviews, or op-eds – Sherif is always eager to tell you about video games. Sherif is based in Egypt, a fact he’s working diligently to change, if only to have more opportunities to hike.

VG247 logo

Buy our t-shirts, yeah

They're far more stylish than your average video game website tat.

Explore our store
VG247 Merch