You are reading:
Under the Surface of Azeroth:
A Network Baseline and Security Analysis
of Blizzard's World of Warcraft


Step 2: Version Checking

The version of software running on every workstation is critical. Unlike a word processor or spreadsheet application, the version of World of Warcraft software on every computer must be identical, without exception. Older versions of software aren't allowed into the World of Warcraft universe. To ensure that everyone is running the latest version of software, every system must undergo a version check before entering Azeroth.

In the United States, the critical server name for upgrades is us.version.worldofwarcraft.com. This is the server that DNS resolves to fifteen different IP addresses (which shows how important the version check process is to World of Warcraft's operation). If this version check process doesn't complete for some reason, there's another check during the authentication process that ensures that the latest client version is running.

The normal version check process starts with a DNS query to us.version.worldofwarcraft.com. This is the second instance of the query originally made when the launcher started. If the launcher is disabled by the user, this will obviously be the first query for this hostname.

The version check process is a simple HTML request to the us.version.worldofwarcraft.com hostname over TCP port 80. The /update/PatchSequenceFile.txt is retrieved and compared to the World of Warcraft client installed on the local workstation.

This is the version check sequence traffic flow across the network: