I know a few people here who still play Wc3, and I would rather they know about the bytecode exploit.
Quote from: "thehelper.net announcement"Recently a very dangerous exploit was discovered within Warcraft III. Namely, it's possible to execute bytecode through a map using Jass thus allowing practically anything, including distributing malware (viruses, trojans etc).
But, don't take my word for it, try the proof-map found here (http://www.wc3c.net/showpost.php?p=1080706&postcount=7) yourself (it is recommended that you run it in a window).
To make sure Blizzard patches this ASAP, please report it using this form (http://us.blizzard.com/support/webform.xml) (make sure you download and attach the map when reporting).
However, until Blizzard patches this issue, I wouldn't recommend playing any new maps whatsoever. Better safe than sorry.
I would highly suggest that if you do play, you should avoid downloading any maps from unknown players on battle.net/Garena/Hamachi/whatever.
Link to an example of a map that abuses the exploit. Also in the quote.
http://www.wc3c.net/showpost.php?p=1080706&postcount=7 (http://www.wc3c.net/showpost.php?p=1080706&postcount=7)
This map is harmless. All it does is open command prompt and displays some text for you to read. To run the map, just download it and run the map in windows mode or alt+tab once the map is loaded to see the effects.
UPDATE:
It seems this exploit can only occur in versions 1.22 and 1.23. If you wish to still play Wc3, you should find a private server that uses 1.21. That or wait for 1.24. Blizzard knows that this bug exists at least.
Whoa, thanks man. I was actually JUST ABOUT to re-download WC3... Thanks for the news, man.
Added more info on the exploit.
... they "fixed" that years ago by constantly changing the offsets every new version for Starcraft.
DAMN THEM
Seriously it allowed EVERYTHING in a online Starcraft game, the first example was dragoon shooting mutalisk's thing when they attack IIRC. Since then Starcraft has lost many hacks since people don't really to want to bother changing every special hack in their map every new version.
Quote from: "Zodiac"Seriously it allowed EVERYTHING in a online Starcraft game, the first example was dragoon shooting mutalisk's thing when they attack IIRC. Since then Starcraft has lost many hacks since people don't really to want to bother changing every special hack in their map every new version.
Also, stuff like iccup has anti-hacking software to prevent you from using hacks :3
Ok, apparently, Blizzard have made a temporary fix for this exploit. I haven't tested this out yet, but it should be fine on official servers at least.
http://forums.battle.net/thread.html?to ... 6&sid=3000 (http://forums.battle.net/thread.html?topicId=16888549346&sid=3000)
Quote from: "Blizzard"We have identified an exploit that could allow malicious software to be spread through Warcraft III maps. We have applied a temporary fix to address this issue when playing on Battle.net, and we are working on a patch to permanently address the issue when playing on a LAN or playing single-player custom maps. In the meantime, we recommend that players avoid downloading maps from unofficial sources or websites they do not trust -- be aware that corrupted maps may share the same name as other popular maps. If you encounter custom maps that no longer function or other issues related to this fix, please post details below.