o NCSOFT released security update to address arbitrary command injection vulnerability in NC Launcher 2.
o NCSOFT Game Launcher, NC Launcher 2 has a vulnerability in the custom protocol handler that could allow remote attacker to execute arbitrary command. User interaction is required to exploit this vulnerability in that the target must visit a malicious web page. this can be leveraged for code execution in the context of the current user.
□ Affected Product
188.8.131.521 and prior
o Update software over NC Launcher2 184.108.40.2065 version