New World, the colonial MMORPG from Amazon Game Studios features an oversight that allows players to send HTML code through the game’s chat box. Some have used this unintended feature to crash the game for players who hover their mouse over certain words or images.
YouTuber Josh Strife Hayes discovered yesterday (October 29) that this was possible. Essentially, Amazon Game Studios didn’t tell New World‘s chat box to not allow code within it. This means that players savvy in HTML – a coding language – can have some fun and post images in the chat.
Hayes points out that this is not the first time this has happened in an MMO. Years ago, World Of Warcraft was also found to be open to this vulnerability.
While this can be used for silly things, such as resizing images to make them ridiculously large – as Hayes did with an image of a sausage – it can also be used for more malicious possibilities. If links can be sent through the chat box then people could be tricked into downloading malware onto their computers while just trying to play a supposedly secure game.
According to Hayes, there is a very simple bit of code that can be injected into the chat box that makes people’s game crash as soon as they hover over a certain bit of text. This is an issue because the text doesn’t look any different from anything else they may see, so unaware users will have no way of knowing how to avoid this text.
The text tells your computer to look up a specific value that isn’t there, causing your computer to run out of memory while conducting an endless search, thus crashing your game.
Apparently, this is an issue that can be fixed very easily by Amazon, so, hopefully, New World will be safe again soon.
In other news, A Better Ubisoft has congratulated Activision workers for their wins, while criticism Ubisoft for not implementing meaningful changes fast enough.