Street Fighter V Update Opens Backdoor on Windows PCs
A game update for Street Fighter V unwittingly opened a huge security hole on all Windows PCs it was installed, according to numerous complaints from users on Reddit. Capcom, the game’s maker, issued an update to Street Fighter V on Thursday, announcing a brand new anti-cheat system.
“As a part of the new content and system update releasing later today, we’re also rolling out an updated anti-crack solution (note: not DRM) that prevents certain users from hacking the executable. The solution also prevents memory address hack that are commonly used for cheating and illicitly obtaining in-game currency and other entitlements that haven’t been purchased yet.”
“The anti-crack solution does not require online connectivity in order to play the game in offline mode; however, players will be required to click-confirm each time they boot up the game. This step allows ‘handshake’ to take place between the executable and the dependent driver prior to launch.”
This new anti-cheat system wasn’t just a game update, and also included a new driver that needed to be installed on players’ PCs.
Game update requiring special permissions” alerted users
Because the update required OS-level access, some users were prompted for additional permissions when installing their upgrade, which led some more technically inclined gamers to investigate what was going on.
To their surprise, the game was installing a kernel-level access driver called capcom.sys, which was disabling a key security feature of their Windows operating system in order to peek inside the kernel for code specific to known cheating tools and methods.
The problem, as Reddit user extrwi explained, was that anyone that passed the control codes 0xAA012044 and 0xAA013044 to this driver would be able to disable the SMEP (Supervisor Mode Execution Protection) kernel protection feature and take over the device.
Game maker rolls back update
After some of the techies that discovered this flaw posted their findings on Reddit and caused a huge ruckus in the gaming community, on Friday, Capcom admitted its blunder and decided to roll back the shoddy update, ASAP.
“ We are in the process of rolling back the security measures added to the PC version of Street Fighter V. After the rollback process to the PC version, all new content from the September update will still be available to players. We apologize for the inconvenience and will have an update on the time-frame for the PC rollback solution soon. ”
The rollback to the PC version of SFV prior to the security measure update is now live. The new September content is included. — Street Fighter (@StreetFighter) September 24, 2016