Valve's Source SDK contained a buffer overflow vulnerability that allowed remote code execution. The issue was fixed in the latest game updates.
Information on the vulnerability was released last night by security research firm One Up Security. Affected titles included Counter-Strike: Global Offensive, Team Fortress 2, Half-Life 2: Deathmatch, Portal 2 and Left 4 Dead 2, as well as third-party games that are built upon the Source SDK.
The vulnerability was found inside a function that handles ragdoll model physics, which is used when players die. It opened the way for potential exploits to run on the player's PC.
The fixes deployed by Valve only affect Valve's own products. Video game developers who have created a Source SDK modification game still have to manually apply and distribute a hotfix patch themselves.
The original Half-Life game, which was released in 1998, has also received updates this month to address similar issues.