[ivegotnoaccount]

Not to mention them saying "if you use AAA games, you may already have such a thing running already so one more won't kill you." whereas, in real life, it increases the odds that a system will get hacked due to it since the attack surface increases (The number of bugs in "EA+Riot" could not be less than "EA", but could be higher, and the other way around)

[prvit]

> whereas, in real life, it increases the odds that a system will get hacked due to it since the attack surface increases

Bullshit. In real life nobody will hack you with a videogame anticheat kernel driver exploit.

They will hack you with a browser exploit, a ms office exploit, or just because you downloaded a malicious executable and decided to run it.

[ivegotnoaccount]

I agree that getting hacked through a browser is a far higher risk. However, the said browser is hopefully running with admin privileges, and if it is needed by the malware, it will need something else to exploit. If it was some small editor, it would serve no purpose for this. But we're talking about Riot Games, whose software is installed on hundreds of millions of machines and thus have a non-neglictible odd of being on the target's computer.

[prvit]

Admin privileges don’t matter, all the stuff you care about lives in your homedir.

Have you ever seen a real world example of super common and super insecure AV drivers being exploited for LPE? Probably not, it’s not worth the trouble.

[ivegotnoaccount]

I don't know if it has been exploited on the wild, but the subject seemingly interested some enough to find escalations bugs in https://en.m.wikipedia.org/wiki/SafeDisc.

[prvit]

Yes, there are tons of these bugs and tons of PoCs. However, in real life, nobody bothers to exploit them because there’s very little to gain by doing so.

[Retr0id]

> In real life nobody will hack you with a videogame anticheat kernel driver exploit.

That's just not true - for example, the infamous capcom.sys