Tuesday, July 25, 2017

Hackers hijacked PCs using Source Engine kill animation exploit

The bug is fixed, and affected Counter-Strike, Team Fortress 2, Portal 2 and more.


Counter-Strike: Global Offensive, Team Fortress 2, Portal 2 and other Source Engine games were all affected by a particularly nasty exploit until recently. Basically, by uploading custom assets into a custom map, hackers could use them to trigger a "buffer overflow vulnerability" which resulted in the victim PC being open to remote code execution.
In other words, merely shooting at an enemy could cause your machine to be remotely hijacked. The exploit was identified by One Up Security (via Motherboard) who notified Valve.
"Valve's Source SDK contained a buffer overflow vulnerability which allowed remote code execution on clients and servers," OUP's statement reads. "The vulnerability was exploited by fragging a player, which caused a specially crafted ragdoll model to be loaded.
Multiple Source games were updated during the month of June 2017 to fix the vulnerability. Titles included CS:GO, TF2, Hl2:DM, Portal 2, and L4D2. We thank Valve for being very responsive and taking care of vulnerabilites swiftly. Valve patched and released updates for their more popular titles within a day."
For a demonstration of how it worked, this very short video tells you all you need to know. Death has never been so scary.

Thanks PC GAMER


0 comments:

Post a Comment