Origin exploit uses hyperlinks to run malicious code remotely

Security research firm ReVuln has discovered a fairly simple way (in theory, at least) for unscrupulous folks and their hacking machines to execute malicious code on your computer, by way of EA's Origin platform.

The exploit takes advantage of Origin's uniform resource identifier -- the protocol through which hyperlinks and shortcuts launch Origin itself and execute commands. Typically, a URI is clicked on by the user, either in the form of a link in a web browser or as a shortcut on a desktop, at which point the URI launches Origin and tells it what game to load, and how.

As it happens, certain Origin-exclusive games are vulnerable to having their execution commands subverted by precisely formatted URIs. As seen in the graph above, this can be used by bad dudes to piggyback instructions onto the URI, which can instruct Origin to load and run malicious software, rather than Crysis 3.

Avoiding this exploit is thankfully simple, however: Open Origin first, and launch games from there. The exploitative instructions are contained within the URI hyperlink -- take that out of the equation, and you should be fine.

"Our team is constantly investigating hypotheticals like this one as we continually update our security infrastructure," an EA representative told us. Uniform resource identifiers aren't unique to Origin, of course, and are widely used in everything from iTunes to Steam, the latter of which has an extremely similar vulnerability [PDF] that was discovered by ReVuln last year.