o NCSOFT released security update to address arbitrary command injection vulnerability in NC Launcher 2.
o NCSOFT Game Launcher, NC Launcher 2 has a vulnerability in the custom protocol handler that could allow remote attacker to execute arbitrary command. User interaction is required to exploit this vulnerability in that the target must visit a malicious web page. this can be leveraged for code execution in the context of the current user.
□ Affected Product
220.127.116.111 and prior
o Update software over NC Launcher2 18.104.22.1685 version