Capcom bundles backdoor with Street Fighter V update

September 26, 2016 | 10:15

Tags: #back-door #backdoor #insecurity #security #street-fighter-v

Companies: #capcom

Capcom has apologised to Street Fighter V players after it was caught installing a backdoor on Windows systems as part of its most recent title update.

As with many PC games, Street Fighter V suffers from piracy and cheaters - the platform's perennial problems. Unlike most, however, the latest attempt to fix the problem came in the form of a title update bundling a Windows driver - capcom.sys - which disables selected system security features and provides publisher Capcom with administrator-level privileges to the entire operating system and all its files.

The problems began with a security update released on September 22nd containing what Capcom described as an 'updated anti-crack solution.' In its announcement, the company claimed that that software was not DRM, but was designed such that it 'prevents certain users from hacking the executable. The solution also prevents memory address hack [sic] that are commonly used for cheating and illicitly obtaining in-game currency and other entitlements that haven’t been purchased yet.'

Sadly, the update did significantly more than Capcom promised. In a thread on social networking site reddit, users tore down the code included with a kernel-level Windows driver file bundled with the software and discovered that it disabled the Supervisor Mode Execution Protection (SMEP) functionality of affected systems, forced the game to elevate its privileges and run at administrator level, and provided Capcom with complete and unrestricted access to the entire host system. In short: it's a backdoor, and one which actively harms the overall security of players' systems.

Although the code in the driver disables SMEP only long enough to run a chunk of its own code and then re-enables the functionality, the damage is severe: using the driver, any unprivileged process on the system - including malware - can have its code executed at kernel level without question. Capcom, for its part, has apologised and promised to undo the damage caused. 'We are in the process of rolling back the security measures added to the PC version of Street Fighter V,' the company claimed in a statement on the matter. 'After the rollback process to the PC version, all new content from the September update will still be available to players. We apologise for the inconvenience.'

Those who wish to ensure their system's security are advised to check for the driver 'capcom.sys' even after the update which should remove it is installed.
Discuss this in the forums
YouTube logo
MSI MPG Velox 100R Chassis Review

October 14 2021 | 15:04