Anarchy Online and Age of Conan Vulnerabilities Fixed

dachshund writes "The Baltimore Sun reports that security firm Independent Security Evaluators has disclosed vulnerabilities in the popular MMORPGs Age of Conan and Anarchy Online. The flaws (which have since been patched) allowed a malicious user to read files from and take control of another player's computer. The full details of the attack are available, including a video (hi-res MOV) showing how the targeted player's client can be crashed, and how an attacker can save and run scripts on the victim's computer."

We'll see more like that soon

[Opportunist]

Online games are the new entry point for exploits. With OSs being fixed and locked down, the current angle of attack are web browsers and their plugins (especially the latter gain a lot of attention lately, especially plugins that are most likely present in browsers like flash players and PDF-readers). This won't work forever either.

The next will be online games. They are fairly widely spread, they usually use standardized ports and they are also usually done with security as a minor concern, if any. I'd be especially wary of games that require a forwarded port to work properly, but any game communicating with a server is a possible attack vector.