Electronic Arts’ PC gaming platform, Origin has been found to have a security vulnerability that allows hackers to trick users of the service into opening and running malicious software on their system.
EA’s answer to the popular Steam and Epic storefronts is used to launch the publisher’s own gaming titles such as Apex Legends and Anthem, but researchers from Underdog Security found a loophole in the Windows version of the client – installed by tens of millions of gamers.
As reported by TechCrunch, it was possible to trick the desktop app to run any program on the user’s computer when clicking on a custom link, which in turn could allow hackers to run certain commands on their system and download malicious programs such as malware.
What’s more, the link doesn’t even need to be explicitly clicked on for the Origin client to execute it, with the ability of a script to open the problematic link when a user visits another unrelated page.
Thankfully, EA released a patch that successfully addresses the exploit on Monday, but users of the service are recommended to check they’re running the latest version. Mac users can breathe easy as the vulnerability never affected that version of the client.