The Elder Scrolls Online In Danger of Code Exploit Armageddon at Launch

| 13 May 2013 17:53
The Elder Scrolls Online - Stros Mkai Pic

This vulnerability has been in Bethesda games as far back as 2001.

Bugs, glitches, and exploits have been a permanent part of video games since their creation. Because of their complexity, Bethesda's catalog of video games has been filled with near legendary amounts of bugs and glitches. Today, we can add a security exploit to that list. A security analyst posted information on an exploit that has been present in Bethesda games as far back as 2001. This exploit, referred to as a format string vulnerability, allows users to do things like crash a game or run harmful code. This exploit, if it is included in The Elder Scrolls Online, could make for an "interesting" launch.

To make this a little simpler, a format string vulnerability could be used to execute what essentially amounts to a distributed denial of service (DDoS) attack by simply changing a few server addresses. This would stop users from being able to log into TESO. More sinister than a DDoS is this vulnerability's ability to allow the exploiter to possibly read passwords or even allow certain users to gain administrative or even game master privileges within the program environment itself.

Because this exploit has been present in each game the company's released for the past 12 years, we can assume that Bethesda has been using the same code base for all their titles. If Zenimax Online started development of The Elder Scrolls Online with the same codebase then this security hole will most likely be present at launch. Because TESO is an MMO, it opens the door for theft of user data as this security exploit could be used to gather user passwords or even administrator account information.

If this exploit is present, the launch of The Elder Scrolls Online may end up dwarfing Diablo III's failure to launch by allowing users to keep the game offline instead of shoddy in-house programming. So, all we can do is hope that Bethesda noticed this problem and started TESO development by fixing this security hole.

Source: Joe's Security Blog

The-Elder-Scrolls-Online
The Elder Scrolls Online

Post Comment

You must be logged in to post. Log In

@greg tito because theres an article about something that is completely irrelevant to ESO

berant99:
....Massive face palm. Bethesda isn't making the game. This has been common knowledge since the game's announcement. Zenimax online studios is making the game. RESEARCH!

"If Zenimax Online started development of The Elder Scrolls Online with the same codebase then this security hole will most likely be present at launch."

There's an IF in there, Berant. I'm not sure what you are complaining about.

They did say its possible they started with the same base code. We know its bot the same company. Well i do at least.

berant99:
....Massive face palm. Bethesda isn't making the game. This has been common knowledge since the game's announcement. Zenimax online studios is making the game. RESEARCH!

You do know how development works, right? http://www.uesp.net/wiki/Skyrim:Credits

....Massive face palm. Bethesda isn't making the game. This has been common knowledge since the game's announcement. Zenimax online studios is making the game. RESEARCH!

Continue reading 5 comments on the forums.
Recommended Games
Eden Eternal
categories: 3d, fantasy
Alganon
categories: 3d, fantasy
JX2 Online
categories: fantasy
Castlot
categories: fantasy