
Forum �bersicht Suche Login Registrieren Forums-Blog Landkarte

Juli
2018

TERA computer game patched after report of RCE bug in chat feature

En Masse alerted gamers on Nov. 11 that it can be performing emergency maintenance on popular MMORPG title TERA to solve a bug rolling around in its in-game chat feature.
En Masse alerted gamers on Nov. 11 that it could well be performing emergency maintenance on popular MMORPG title Tera items to correct a bug rolling around in its in-game chat feature.
South Korean game maker Bluehole, Inc., issued a hotfix due to its popular title TERA earlier this week, following a circulation of the report revealing that the sport's HTML-based chat function may be abused to spread malware.
In a few forum postings, Bluehole subsidiary and North American publisher En Masse alerted gamers on Nov. 11 that it could be performing emergency maintenance for the MMORPG (massively multiplayer online role-playing game) so that you can repair the bug, which �allowed the posting of images external towards the TERA client in chat.� Previously, on Nov. 10, En Masse suspended all chat (except to get a feature called guild chat) to stop attackers from exploiting the service, whilst it and Bluehole investigated the matter.
En Masse said which it first became aware with the vulnerability at a post made with a TERA subreddit, likewise as Discord, a voice and text chat app for gamers.
According for the vulnerability disclosure report, that was written by players themselves, an in-game chat error in Tera Gold can have enabled remote code execution on clients' computers, allowing attackers to potentially spread malware. Other malicious activity was reportedly possible also, including deleting other gamers' items and characters, crashing clients, and seeking up players' IP addresses. Prior to issuing the patch, En Masse stated to use forum which it had �no evidence the vulnerability has been exploited over these ways or that any player information has become compromised.�
First released in South Korea next year, TERA debuted in North America and Europe in 2012 � meaning the vulnerability existed for decades before its public disclosure.