Capcom roll back Street Fighter V update after installing security vulnerability in System32 | PCGamesN

Capcom roll back Street Fighter V update after installing security vulnerability in System32

street fighter 5 KO

Capcom has immediately rolled back the latest Street Fighter V PC update after it installed invasive files to the user's System32 directory, possibly compromising system security.

Read more: Best Street Fighter V Characters.

The file "Capcom.sys" was installed as a driver within Windows' most sacred of directories purportedly as a security feature to prevent players from hacking the executable.

Capcom claimed the files, which users discovered had kernel access, would act as a non-DRM anti-crack solution which did not require internet access.

"The anti-crack solution does not require online connectivity in order to play the game in offline mode; however, players will be required to click-confirm each time they boot up the game," the update notes state. "This step allows ‘handshake’ to take place between the executable and the dependent driver prior to launch."

By running the file through analysis tools, players on Reddit found that the kernel-level driver disabled Supervisor-Mode Execution Protection in order to run any instructions handed to it by the executable before then re-enabling SMEP.

SMEP is a feature of x86 processors which prevents, among other things, malicious code execution from sources outside of authorised memory pages. With it down, instructions no longer have to come from trusted locations in the system hierarchy and could easily be smuggled in by someone with knowledge of the virtual memory pages apps make use of.

Needless to say, that's a giant hole in your entire system's security, which a lot of players weren't happy about. As a result, Capcom issued a notice they would begin immediately rolling back the update. The new, driver-less, update is now live so if you were holding off getting that sweet new Urien skin and the rest of the September content, feel free to not get a rootkit installed on your machine now.

The situation was reminiscent of the 2005 Sony/BMG rootkit scandal which saw the music industry giant deceptively installing malware which prevented CD piracy, as well as collecting private information even if the EULA was declined. Sony was subject to several class-action lawsuits and state-mandated compensation payouts. So I guess 24 hours of irate gamers is a small price to pay.

Sign in to Commentlogin to comment