Blizzard games were vulnerable to a remote hijacking exploit

Joystiq

Joystiq

Joystiq News
dims

Fans of Blizzard games might have dodged a bullet. Google security researcher Tavis Ormandy has
Please, Log in or Register to view URLs content!
that virtually all the developer's titles (including Overwatch and World of Warcraft) were vulnerable to a DNS rebinding flaw that let sites hijack the Blizzard Update Agent for their own purposes. Intruders had to do little more than create a hostname their site was authorized to communicate with, make that resolve to the target of their choice (such as the victim's PC) and send requests to the agent. From there, they could install malicious files, use network drives or otherwise create havoc.

Via:
Please, Log in or Register to view URLs content!


Source:
Please, Log in or Register to view URLs content!


Please, Log in or Register to view URLs content!


Console Bang News!
 
You must log in or register to reply here.

Users who are viewing this thread

Total: 1 (members: 0, guests: 1)

Online statistics

Members online
7
Guests online
458
Total visitors
465
Robots
94
Totals may include hidden visitors.

Forum statistics

Threads
950,610
Messages
991,679
Members
17,740
Latest member
Ilushikgjr

What's new

Share this page

Community platform by XenForo © 2010-2024 XenForo Ltd.
Parts of this site powered by XenForo add-ons from DragonByte™ ©2011-2025 DragonByte Technologies Ltd. (Details)
Top