New Warcraft III security exploit discovered

User avatar

Topic author
Xenon
Zerg Queen's Nest Slave Trainee
Zerg Queen's Nest Slave Trainee
Posts: 761
Joined: Mon Oct 23, 2006 3:29 pm
Status: Offline

New Warcraft III security exploit discovered

Postby Xenon » Tue Dec 07, 2010 8:18 pm

Hiveworkshop news post

However another equally bad exploit has been discovered, this time permitting Warcraft III to execute some form of scripting language via the Preload native. This can be used to get the game to download files from the internet and place them in dangerous folders (like windows or startup folders).


It is advisable to not play any map from a source you do not trust. Avoid downloading maps from BattleNet or playing on bots you do not trust. A trojen map can even take the apparent form of one you already have and can download and run the exploit code before the lobby even loads. Remember that both single player and multiplayer maps are susceptible to this.


Fantastic. They haven't even issued a patch to fix this yet (found in late October.)

With crap like this still going on, it looks more and more like Wc3 will be the last Blizzard game to ever allow local hosting of files. The promise of integrating legacy games into "Battle.net 2.0" is also unsettling.

User avatar

Lavarinth
Xel'naga Administrator
Xel'naga Administrator
Posts: 6579
Joined: Wed Aug 16, 2006 5:21 pm
Location: His Ashworld Planet
Contact:
Status: Offline

Re: New Warcraft III security exploit discovered

Postby Lavarinth » Thu Dec 09, 2010 1:54 am

They made this promise? I thought they had no intentions to do so with legacy titles since the demand isn't so high, might be wrong though.
- - Lavarinth
Campaign Creations Administrator

User avatar

Topic author
Xenon
Zerg Queen's Nest Slave Trainee
Zerg Queen's Nest Slave Trainee
Posts: 761
Joined: Mon Oct 23, 2006 3:29 pm
Status: Offline

Re: New Warcraft III security exploit discovered

Postby Xenon » Thu Dec 09, 2010 11:56 am

Saw this on the Warcraft III Forums:

BUT maybe theres a other Reason why they still havent released the new Patch yet, im sure many here watched the Blizzcon 2010, there in an Interview (a few weeks ago) one of Blizzard sayd they working on a "Battle.net 2.0" Integration of WarCraft 3, with RealID and stuff, the one that interviewed him was also surprised, me to, but thats really nice, he sayd WarCraft 3 has already mostly everything ready to be integrated in Battlenet 2.0, thats so nice, then you see in your StarCraft 2 Friendslist, or Wolf of WarCraft Friendslist if friends are playing WC3, i think thats the mainreason for the delay.


Haven't verified this though. I do agree with this comment if it entails what they did to SC2:

The final nail in war3's coffin would be having it use bnet2.0.

User avatar

RazorclawX
Xel'naga World Shaper
Xel'naga World Shaper
Posts: 1598
Joined: Thu Aug 24, 2006 7:19 pm
Status: Offline

Re: New Warcraft III security exploit discovered

Postby RazorclawX » Fri Jan 28, 2011 1:21 am

Warcraft III 1.25 patch is up on their PTR server... who knows if it actually fixes anything.
Image
-- Razorclaw X
Creator of Wanderers of Sorceria and Vision of the Future


Return to “WarCraft Discussion”

Who is online

Users browsing this forum: No registered users and 3 guests