Forgot password
Enter the email address you used when you joined and we'll send you instructions to reset your password.
If you used Apple or Google to create your account, this process will create a password for your existing account.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Reset password instructions sent. If you have an account with us, you will receive an email within a few minutes.
Something went wrong. Try again or contact support if the problem persists.
Escapist logo header image

Update: Elder Scrolls Online May Have Day One Vulnerability

This article is over 11 years old and may contain outdated information
Elder Scrolls Online screenshot

All games developed by Bethesda since 2001 carry a security exploit that may put Elder Scrolls Online‘s launch at risk.

Update: Since The Elder Scrolls Online is being developed by ZeniMax Online Studios and uses “its own unique engine”, there is little chance this particular vulnerability will exist in the finished game.

There are two generally accepted facts when it comes to Bethesda’s RPGs: They feature vast worlds that players can explore for hours, and those worlds will be filled with various bugs. Such quirks are par for the course in single-player games, but they could create all-new problems for the MMO setting of Elder Scrolls Online. A security analyst poking around the developer’s back catalog has discovered a vulnerability within Bethesda games stretching back to 2001. While the exploit was relatively harmless for single-player titles, the same code within Elder Scrolls Online could subject players to security and privacy risks when it launches later this year.

This exploit is a format string vulnerability, which allows users to manipulate the game’s running stack. By activating specialized functions using the developer’s console, players can display information hidden in the program’s memory or, with a few keystrokes, crash the game to the desktop. The exploit has been tested using Morrowind, Skyrim, and even Fallout 3, although abuses would be understandably rare in single-player games. Trouble is, if Elder Scrolls Online uses the same code, potentially any user could access the functions of other systems, or perhaps the server itself.

So let’s say the exploit is included in Elder Scrolls Online: What’s the worst that could happen? The most likely answer is an increased risk of DDoS attacks on servers, which would prevent anyone from being able to play their recently purchased game. One could also activate administrative privileges for their characters, or even more concerning, display the account passwords of other players. That said, now that the exploit is public knowledge, hopefully Bethesda can patch any offending code before its game reaches the public. Not only would that make the launch easier on players and staff alike, but it would prevent an MMO launch disaster comparable to Diablo III in its scope.

Source: Joe’s Security Blog, via Warcry

Recommended Videos

The Escapist is supported by our audience. When you purchase through links on our site, we may earn a small affiliate commission.Ā Learn more about our Affiliate Policy