Jouko Pynnönen, a security researcher from Finland, has uncovered a security flaw within the Unity Web Player plug-in that could make hundreds of millions of gamers vulnerable to having their data stolen from any website they happen to logged into at the time, including webmail and social media accounts.
The Unity Web Player plug-in is designed to allow browsers to display and run game content in web applications; a popular choice, thanks to its flexible compatibility across domains, and is even endorsed by Facebook, which has its own software development kit for Unity-based games within the social networking site.
According to Unity Technologies, over 200 million people have Unity Web Player installed on their computers, and is used by over 700,000 active developers on a monthly basis, leaving a huge chunk of the world’s population at risk of having their details stolen.
Pynnönen built a Unity app to test the plug-in’s integrity. When the app was loaded up by the plug-in, it could access the Gmail account that was open in the browser, and was even able to forward e-mails to another account through the plug-in.
Thankfully, Chrome users running version 42 of the browser are protected from the vulnerability. Users of other browsers are advised to either use Chrome version 42 or uninstall the Unity Web Player until the problem is patched.
Thank you Lifars for providing us with this information.
Image courtesy of PC World.
Accenture has announced it will train 30,000 of its employees on NVIDIA's AI platform as…
A suspicious listing has appeared on AliExpress for a product labeled "Nvidia GeForce RTX GT610,"…
Corsair has revealed two new models in its K70 CORE lineup: the K70 CORE TKL…
Bethesda has recently made bold claims about Starfield, stating that it’s the best and hardest…
The long-awaited remake, Metal Gear Solid Delta: Snake Eater, will offer a unique twist on…
In a surprising move for gamers, Horizon Zero Dawn has been removed from the Epic…