Someone who had this installed (MajorGeeks) have completely removed the arcade due to exploits. Spam through emails.

You either need to provide a fix, or completely remove this. In the meantime, I'm moving to the other arcade.

http://forums.majorgeeks.com/showthread.php?t=158698


No problems, someone exploited a hole and the problem has been solved, basically the arcade has been removed. It is the repeated cause of many exploits, apparently the author can't keep up, so it is removed. Your account info is secure and not realted.

Yes, we have had security issues on this forum 3 times I can remember. All 3 were arcade exploits. It is the reason we moved the forums to their own servers (to not compromise the main servers) and the reason we must now completely remove it. Sorry.

I'm awaiting the official response to this issue... can't afford to install mods with known vulnerabilities, no matter how good they are.

Security was checked twice by vb.org staff and some other testers including myself, I don't see any single point how to use ibProArcade for mailsending/spamming or having any serious security-issue.

I assume they used the latest release v2.6.6+

Yes, in old releases prior to v2.6.0 there where some problems which all have been fixed a long time ago now.

Look:

"it was fairly specific to a certain game this time around"

Games are exploitable.

It's also notable that people were finding these in their spam box. The games can be exploited and our emails compromised. It happened. That can't be denied.

This needs looking at.

I have the arcade installed on a few sites (all over 150 games). I shall be now asking if anyone has started to receive any emails in their "Spam" inbox. I have had runs in the past where I get members to report games that don't submit high scores and they get removed

So far I have had no problems but if a member happens to confirm this issue then, i REALLY DON'T WANT TO, I will have to remove arcade (ONLY FOR NOW!!!)..

I will also report any negative responses back here. If there are none there will be no responses.

Cheers for this heads up!

MrZeropage:
Please check your PMs for more details and a fix

Thank you Phillip! :)

Hope the new, patched version is released soon...

update is coming within the next minutes :)

Thanks, Zero.

Excellent, thanks.

While on the subject of security, is there ANYWHERE where one could legally download any game packs from a trusted source that would check the legality of the games included?

I'm NOT asking where to get these games illegally (everyone knows as pretty much every arcade I've seen has thousands of them installed). I'm asking if there is any website that offers packs of legal games to download where the authors have consented to have the games included in the pack.

If not, that's more than a little sad.

never ever had any spam issues.

However i have had games try and redirect users offsite...not really the arcade at fault, its down to the games installed.

How to deal with..simple, did a thread explaining the issue, users pointed out the games in question, deleted the games in question.

started with 2000 games, now have 1664 games... simple really!

@Gladius2007:
There is an AddOn coming soon from micheal332001 which offers games ect. including an auto-installer ect. stay tuned for this, I already had a preview :)

@jacx:
ibProArcade v2.6.7+ has some more security included about gamearchives that may contain malicious files, codes ect. but still no chance for games that contain bad code inside the game itself, right

@Gladius2007:
There is an AddOn coming soon from micheal332001 which offers games ect. including an auto-installer ect. stay tuned for this, I already had a preview :)

That's great, I'll be on the lookout for that, hope it comes soon.

MrZeropage, you owe Phillip a huge thanks -- he spent his own time to find a huge security hole, that could of been costly. :)

EDIT: Shame you couldn't even thank him. Disgrace in my opinion.