Although i also hope from what i read atop the messages, that whats ever is going on, certainly doesnt affect my pc in anyway, and certainly doesnt get any Details or so from my pc just by being on a game me and a friend tend to enjoy playing together on.
This stinks! I like to play a custom map, and have to task manager kill sc2 after every match. For a 20 year old game, should have been pretty simple to fix this. hard crash lockup on lobby? so dumb.
But according to the defenders of this cyber criminal on this forum, its your fault you had to restart your PC, not his, because you’re the one that pulled the plug!
That is what they are saying to all the data I lost in Excel due to being forced to restart my computer and announced my intention to sue the attacker for 1$ in small claims court just to drag him through the legal system.
That what YOU said.
Smh…
It’s crazy to think that some guy could do this to a game because he was mad
Just to update:
An extra step can be done to avoid both freezing and force-closing at the end of custom games.
Once a game lobby is open, minimize it and change to Campaign mode. Then click “Return to Lobby” in the bottom left of the screen. After that, just fill the lobby and play normally. When the game is done, it will return to the Campaign UI instead of the Lobbies UI. Thus no force-close and no freeze.
EDIT:
Here’s a guide that goes through the whole process.
1 Like
You have to admire the dedication people have to making others miserable through this game.
All because some game developer wouldn’t let them cheat on their game. I said it before and I’ll say it again: i wish they’d use that dedication and talent to make something cool instead of disruptive
2 Likes
It’s way easier to be disruptive than it is to be productive. There are lots of ways to break something but very few ways to make it or improve it. Any idiot can crash a car but basically nobody could build one, let alone from scratch. One requires you have a brain and that’s it, the other requires a degree in mechanical engineering, a rare level of financial security, fabrication skills, and access to rare tools and resources. The incidence of a mechanical engineering degree alone is 1 in 25,000. It’s a lot easier to be disruptive than it is to be productive, that’s just a fact of reality.
This is why the USA is a republic, and not a democracy, by the way. There are a billion ways to break the system for every 1 way to improve it; the ordinary person has a 0.0% chance of improving the system. That’s why representatives are elected and the election process in theory favors the more capable people, and those people have a >0% chance of making improvements. Even so, their probability of improving things is so minuscule that their individual opinions are still integrated via a voting process, and this voting process has extreme restrictions that favor the status quo. So the probability of improving the system is so astronomically low even in a republic, but in a democracy it’s so close to zero it basically never happens and that’s why those systems degrade over time and eventually collapse. Democratic socialists don’t understand basic probability theory because they think the average ordinary person should have direct impact on key systems, like production. That’s why socialism leads to mass starvation.
2 Likes
Easiest workaround just switch server to Europe.
That’s predicated on the game one wants to play is on EU since not every author publishes on multiple regions. But it’s definitely worth checking to see if it is.
I read on reddit and somewhere on this forum that EU is affected as well. Can’t really confirm if it’s true, since i decided not to launch the game.
1 Like
Yeah. I saw a couple posts about that here and there too.
The exploited maps can be uploaded to any region if they want, so it could potentially affect any of them.
1 Like
I am curious if this bug can even be fixed on Blizzard’s side. If i remember correctly this is not SC2 vulnerability but rather WebDav client which SC2 uses - in such case only developer of this extension can fix it, not Blizzard.
It could definitely be fixed on Bliz’s side.
I know nothing about how the client/service is coded underneath, however, on the surface, the problem seems to be what the SC2 client allows in its text fields and what it’s allowed to do with it. If text fields, like map names and map reviews, allow and execute a communication/data transfer protocol, then that opens the door to exploitation.
Although it may remove some QoL features, recoding the client and/or service to preventing code execution in those fields would prevent the current issue from continuing. That, or allow the code, but limit what can be executed, similarly to how these forums do.
WebDAV isn’t the issue, it’s a matter of what it’s used for just like any communication/data transfer protocol. Just about any protocol that moves data between remote sites could be exploited under right circumstances. For example, even without webdav html extensions, html alone can be exploited if security measures are compromised (or more likely, users are caught off guard).
4 Likes
That is so stupid. Get 3 others to join you and make it Class Action. Need to think big.
Appears to be happening again as I write this. I just found out about this today when I went to go play. I do have to agree that on the surface this appears to be an extremely simple fix. Why they don’t fix it baffles me. I get the effort behind testing/validating a patch, but they’ve had time to do that.
Going to submit this to a few big news sites. Blizz/Microsoft needs to get moving on this.
Hey all,
It does look like it’s started back up again. I see 4 lobbies using an exploited map.
Hopefully with it being the weekend, Bliz is paying at least some attention.
2 Likes
Leviathan, thanks for all your hard work!
wouldent blizzard have the ip or info on whoever is doing this? cause to upload a map in arcade/ the editor dont you need to atleast purchase a coop commander?