REMOTE CODE EXECUTION —
No interaction required. “I didn’t even know that shit was possible,” pwned player says.
The_Grim_Sleeper
Bandai Namco, publisher of the Dark Souls role-playing game series, has taken down its player-versus-player servers while it investigates reports of a serious vulnerability that allows players to execute malicious code on the PCs of fellow players.
Word of the critical remote-code-execution flaw emerged over the weekend in Reddit threads here and here. An exploit that hit a user named The_Grim_Sleeper was captured in a video stream posted over the weekend. Starting around 1:20:22, the user’s game crashed, and a robotic voice mocked his gameplay and maturity level.
“What the fuck,” The_Grim_Sleeper said in response. “My game just crashed, and immediately Powershell opened up and started narrating a fucking” screed. “I didn’t even know that shit was possible.”
Details about the vulnerability weren’t immediately available. Initially, reports said the vulnerability resided in Dark Souls 3. On Sunday, Bandai Namco representatives said the company was removing PvP server play for Dark Souls 3, Dark Souls 2, and Dark Souls: Remastered as it investigated the reports. The tweet also said that Dark Souls: Prepare to Die would be affected.
Based on the description and the demo on Twitch, the vulnerability sounds critical because it allows hackers to remotely execute code of their choice on PCs as they play the games against other players. That means attackers could conceivably install ransomware, keyloggers, remote access trojans, or other malicious wares when they’re connected to the same PvP server as a target.
In many respects, the vulnerability resembles that Log4j vulnerability that surfaced late last month. That vulnerability made it possible for Minecraft players to execute malicious code on the PCs or servers of fellow players.
Few details are available about the Dark Souls vulnerability, so its cause is not immediately clear. There’s no indication, at least at the moment, that Dark Souls for Xbox or Playstation are affected.
Blue Sentinel, a community-developed Dark Souls mod designed to counteract cheats, has already introduced an update that mitigates attacks, but until Bandai Namco gives players the all clear, players are best off staying away from player-on-player gaming.
Representatives from the game maker didn’t immediately respond to a request for comment.
Note: This article have been indexed to our site. We do not claim legitimacy, ownership or copyright of any of the content above. To see the article at original source Click Here
Personalized Name Tag For Stanley Cup 30 40 oz, Personalized Stanley Name Plate 40oz, Tumbler Lid Topper, Stanley Cup Accessories,…
$3.99 (as of March 11, 2025 19:45 GMT +00:00 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
Tire Inflator Portable Air Compressor - 150PSI & 10000mAh Cordless Air Pump with Digital Tire Pressure…
$24.99 (as of March 11, 2025 19:45 GMT +00:00 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
Amazon.com Gift Card in a Mini Envelope (General)
$10.00 (as of March 11, 2025 19:47 GMT +00:00 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
Crocs Kids' Classic Clog
$30.64 (as of March 11, 2025 20:21 GMT +00:00 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
