wc3edit.net

Many of us remember the great type casting problem a while ago where people were able to use Warcraft III as a means to infect computers with harmful software. Blizzard fortunately was able to stop the bug on BattleNet and eventually patched it.

However another equally bad exploit has been discovered, this time permitting Warcraft III to execute some form of scripting language via the Preload native. This can be used to get the game to download files from the internet and place them in dangerous folders (like windows or startup folders). The end result is another means for evil people to infect your computer with dangerous software. Although this method is less direct, it still permits Warcraft III maps to act as trojans to infect your computer.

The exploit apparently is the result of the Preload statement's mechanics. The native works by the use of a scripting language being passed to it but relies on the compiler to spot abuse and terminate the map load. However (like with the previous exploit) you can trick the compiler into thinking that its use is perfectly valid and so permit the compilation of the script with potentially horrible results.

It is advisable to not play any map from a source you do not trust. Avoid downloading maps from BattleNet or playing on bots you do not trust. A trojen map can even take the apparent form of one you already have and can download and run the exploit code before the lobby even loads. Remember that both single player and multiplayer maps are susceptible to this.

Be aware that freshly submitted maps to the Warcraft III map section on this site may also be trojens and if you spot such a map please report it to a map moderator or administrator as soon as possible so it can be removed.

owner123 wrote:

Many of us remember the great type casting problem a while ago where people were able to use Warcraft III as a means to infect computers with harmful software. Blizzard fortunately was able to stop the bug on BattleNet and eventually patched it.

However another equally bad exploit has been discovered, this time permitting Warcraft III to execute some form of scripting language via the Preload native. This can be used to get the game to download files from the internet and place them in dangerous folders (like windows or startup folders). The end result is another means for evil people to infect your computer with dangerous software. Although this method is less direct, it still permits Warcraft III maps to act as trojans to infect your computer.

The exploit apparently is the result of the Preload statement's mechanics. The native works by the use of a scripting language being passed to it but relies on the compiler to spot abuse and terminate the map load. However (like with the previous exploit) you can trick the compiler into thinking that its use is perfectly valid and so permit the compilation of the script with potentially horrible results.

It is advisable to not play any map from a source you do not trust. Avoid downloading maps from BattleNet or playing on bots you do not trust. A trojen map can even take the apparent form of one you already have and can download and run the exploit code before the lobby even loads. Remember that both single player and multiplayer maps are susceptible to this.

Be aware that freshly submitted maps to the Warcraft III map section on this site may also be trojens and if you spot such a map please report it to a map moderator or administrator as soon as possible so it can be removed.

Source : http://www.hiveworkshop.com/forums/late ... it-184310/

Also see this. http://www.thehelper.net/forums/showthr ... rcraft-III

That sucks =\